Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Denial of Service --> Category: denial

NT IIS Malformed HTTP Request Header DoS Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Performs a denial of service against IIS

Detailed Explanation for this Vulnerability Test

It was possible to crash the remote web server
by sending a malformed header request, like :

GET / HTTP/1.1
Host: aaaaaaaaaaaa... (200 bytes)
Host: aaaaaaaaaaaa... (200 bytes)
... 10,000 lines ...
Host: aaaaaaaaaaaa... (200 bytes)


This flaw allows a possible hacker to shut down your
webserver, thus preventing legitimate users from
connecting to your web server.

Solution : See http://www.microsoft.com/technet/security/bulletin/ms99-029.mspx
if you are using IIS. Or else, contact the vendor of
your web server and notify it of this flaw.

Threat Level: High

Bugtraq Id : 579

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.