we've always recommended people remove ALL samples from any production server - incl ExAir, WSH, and ADO samples etc. Cheers, MH IIS Security -----Original Message----- From: mnemonix [mailto:mnemonixat_private] Sent: Tuesday, January 26, 1999 8:36 AM To: ntbugtraqat_private Cc: ntsecurityat_private; bugtraqat_private Subject: [NTSEC] IIS 4 Advisory - ExAir sample site DoS TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomoat_private Contact ntsecurity-ownerat_private for help with any problems! --------------------------------------------------------------------------- This advisory is for those that have Internet Information Server 4 installed with the IIS sample site "ExAir". There are three Active Server Pages that, if called directly without the default ExAir page and associated dlls ever having been loaded into the IIS memory space, will hang and eventually time out after 90 secs - the default script timeout period. Whilst in this state, processor usage increases to 100% and the server becomes very sluggish. These pages are: Exair - root/search/advsearch.asp Exair - root/search/query.asp Exair -root/search/search.asp The Exair directory and all subdirectories should be deleted - they are not needed. NTInfoScan will check if your site is vulnerable to this problem. More information about NTInfoScan can be found at http://www.infowar.co.uk/mnemonix/ntinfoscan.htm Cheers, David Litchfield http://www.infowar.co.uk/mnemonix ps - apologies to the owner of the server.com domain.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:30:54 PDT