IIS4.05.0 Special data format URL request remote DOS attack

zhaozj2021-02-08  254

First explain: Who dares to attack 9CBS to kill innocent

Vulnerability Description:

When there is a Web service with IIS4.0 or IIS5.0, request a URL with a special data format, which will slow down the response speed of the attack web server, and may temporarily stop responding.

Affected version:

MicrosoftInterNetInformationServer4.0

MicrosoftInterNetInformationServer5.0

The vulnerability test procedures are as follows:

Http://202.96.168.51/download/exploits/iisdos.exe

The source code is as follows:

http://202.96.168.51/download/exploits/iisdos.zip

test program:

As long as you are joined: IISDOS <***. ***. **. **> can attack the other party web server

problem solved:

InternetInformationServer4.0:

http://www.microsoft.com/downloads/release.asp?releaseid=20906

InternetInformationServer5.0:

http://www.microsoft.com/downloads/release.asp?releaseid=20904

more information:

http://www.microsoft.com/technet/security/bulletin/ms00-030.asp

Microsoft Security Announcement MS00-021:

http://www.microsoft.com/technet/security/bulletin/fq00-030.asp

Related connections:

http://www.ussrback.com

转载请注明原文地址:https://www.9cbs.com/read-1310.html

New Post(0)