Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: IIS 5.1 DoS exploit released SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
IIS 5.1 DoS exploit released
A Denial of Service (DoS) exploit against IIS 5.1 was brought to our attention. Source code of the exploit is being distributed from multiple sites. The claimed effect of the exploit is to stop the inetinfo.exe process.

We have warned Microsoft and are awaiting a reaction from them.

Confirmation the code works and/or snort IDS signatures will cause updates to this story as we get them.

The smartest mitigation strategy at this point is to plan an upgrade to the most recent version of IIS.

Swa Frantzen

760 Posts
Dec 19th 2005

Sign Up for Free or Log In to start participating in the conversation!