After further testing, the result is the same: HTTP500 ONLY from that browser window. On other machines or other browser on same machine works fine. Scenario: 1. Log on to OWA with that weird string (other to test). 2. Get response from server: bad CGI or HTTP-500 3. Restart IIS (it is still working thouch) - HTTP-500 4. restart server ( panic?) - HTTP 500 3a. Use Netscape - Works 3b. Use other machine - Works 3c. Close all IE windows and open again - Works Config: NT4 SP6 w/0 Rollup Package (SP7). IIS fully patched w/ SSL 128 bits. Exchange 5.5 SP4 only for OWA (emtpty IS). Mihai -----Original Message----- From: mms To: Mihai PETROV Cc: bugtraqat_private Sent: 8/23/01 5:30 PM Subject: Re: OWA over ssl shutting down IIS Mihai PETROV <mihai.petrovat_private> wrote: : I have reached a different result: : : after entering the %'s, the OWA site returns HTTP 500 - Internal server : error . However, IIS is up and running, other sites work OK. : It seems that the leak is in the Exchange OWA script (ISAPI?) rather than in : IIS. : OWA still not working after restarting IIS. : : Exchange 5.5 SP4, NT4 SP6 w/o rullup package With a similar build as Mihai, I get the HTTP 500 error, however, only from the browser I was trying to log in with (IE). If I switch to another machine (or even just over to Netscape I get the splash screen and can log in fine. -matt : : Mihai PETROV : : > -----Original Message----- : > From: Andrew McQueen [mailto:amcqueenat_private] : > Sent: Thursday, August 23, 2001 1:22 AM : > To: 'bugtraqat_private' : > Subject: OWA over ssl shutting down IIS : > : > : > Here is a copy of postings I posted to the iis security forum : > : > I have just found this bug with our IIS 4 server and OWA : > The server is SP6a with the hotfix roll up applied and also : > the 128 bit : > ssl upgrade OWA is running accross 128 bit ssl : > : > I log onto OWA with an extra long user name of % characters : > ie %%%%%%%%% : > (at least 30 times) : > I then receive the NT username and password box if I then : > fill both of : > these with the same characters and hit return till the page : > times out. : > : > The result ends up with world wide web publishing service is stopped : > And IIS admin service stopped : > : > : > exchange 5.5 sp4 : > The iis server is separate to the exchange server : > I will be able give more specific info tommorrow! : > ie event logs, specific service packs etc : > I have replicated this problem 5 times now and not once has : > it failed to : > work. : > Is this a known problem and if not could it be exploited : > (apart from DOS) : > : > Andy Mcqueen (sorry about the footer it is a legal firm and : > is compulsory) : > -- you make enough cheese / you can be my main boo
This archive was generated by hypermail 2b30 : Thu Aug 23 2001 - 11:43:17 PDT