I have seen a few machines where IIS has been crashing all day. I am guessing it is related to this idq.dll worm. All of these machines DO have the Q300972 patch applied to them, yet they are still crashing. I would like to test some things (repatching, applying service packs, etc..). Does anyone have a proof of concept exploit for this problem? Thanks! gvb On Thu, 19 Jul 2001, Jim Hribnak wrote: > > There appears to be a WIDE spread issue with IIS 4 and IIS 5 right now. The > services will automatically shut down when attacked. There is patches (old > Patches) that seem to fix the problem YET the patch says its for Microsoft > Index server (a lot of people are not running Index server, yet this patch > fixes the crashing problem. > > Upon further reading of the bulletin below it say > > " > Affected Software: > > a.. Microsoft Index Server 2.0 > b.. Indexing Service in Windows 2000 > " > > Most people will not install this if they are not running the software > listed above. The above should have also said IIS 4 and IIS 5 are affected. > > And it does if you read the technical section.. > > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ > bulletin/MS01-033.asp > > for IIS4 /NT4 > http://www.microsoft.com/ntserver/nts/downloads/critical/q300972/default.asp > > for IIS5/Win2000 > http://www.microsoft.com/windows2000/downloads/critical/q300972/default.asp > > > > --------------------------------------- > Jim Hribnak > Manager Communication Services > Nucleus Inc. > 403-209-0000 > > > >
This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 15:04:05 PDT