First explain: Who dares to attack 9CBS to kill innocent
Vulnerability Description:
When there is a Web service with IIS4.0 or IIS5.0, request a URL with a special data format, which will slow down the response speed of the attack web server, and may temporarily stop responding.
Affected version:
MicrosoftInterNetInformationServer4.0
MicrosoftInterNetInformationServer5.0
The vulnerability test procedures are as follows:
Http://202.96.168.51/download/exploits/iisdos.exe
The source code is as follows:
http://202.96.168.51/download/exploits/iisdos.zip
test program:
As long as you are joined: IISDOS <***. ***. **. **> can attack the other party web server
problem solved:
InternetInformationServer4.0:
http://www.microsoft.com/downloads/release.asp?releaseid=20906
InternetInformationServer5.0:
http://www.microsoft.com/downloads/release.asp?releaseid=20904
more information:
http://www.microsoft.com/technet/security/bulletin/ms00-030.asp
Microsoft Security Announcement MS00-021:
http://www.microsoft.com/technet/security/bulletin/fq00-030.asp
Related connections:
http://www.ussrback.com