Microsoft KB Archive/260838

= MS00-031: IIS stops servicing HTR requests =

Article ID: 260838

Article Last Modified on 11/21/2006

-

APPLIES TO


 * Microsoft Internet Information Services 5.0
 * Microsoft Internet Information Server 4.0

-



This article was previously published under Q260838



Notice
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SYMPTOMS
If a malicious user provides a password change request that is missing an expected delimiter, the algorithm conducts an unbounded search. This prevents the servicing of additional HTR requests, and can also slow the overall response of the server.



CAUSE
The body of the request for a HTR page is assumed to be valid.



Windows 2000
The original release of this fix is available in Windows 2000 Service Pack 1. For more information about Windows 2000 Service Pack 1, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to obtain the latest Windows 2000 service pack

For more information about what the updated package fixes, click the following article numbers to view the articles in the Microsoft Knowledge Base:

267560 Changing the URL in a specific manner may expose contents of a file

267559 MS00-044: GET on HTR file can cause a &quot;Denial of Service&quot; or enable directory browsing

260069 Malformed HTR request returns source code for ASP scripting files

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Windows 2000 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The following file is available for download from the Microsoft Download Center:

Download the Q267559_w2k_sp2_x86_en.exe package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

The English version of this fix should have the following file attributes or later:

  Date        Time    Version         Size    File name -  07/07/2000  03:17p  5.00.2195.2100  46,352  Ism.dll

Windows NT 4.0
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows NT 4.0 that contains this fix.

To resolve this problem immediately, download the fix by clicking the download link later in this article or contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS

NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The following file is available for download from the Microsoft Download Center:

US English:

x86: Download Ismpst4i.exe now

Alpha: Download Ismpst4a.exe now

Chinese (Simplified):

x86: Download Ismpst4i.exe now

x86 Symbols: Download Ismpst4is.exe now

Alpha: Download Ismpst4a.exe now

Alpha Symbols: Download Ismpst4as.exe now

Chinese (Traditional):

x86: Download Ismpst4i.exe now

x86 Symbols: Download Ismpst4is.exe now

Alpha: Download Ismpst4a.exe now

Alpha Symbols: Download Ismpst4as.exe now

German:

x86: Download Ismpst4i.exe now

x86 Symbols: Download Ismpst4is.exe now

Alpha: Download Ismpst4a.exe now

Alpha Symbols: Download Ismpst4as.exe now

Japanese:

x86: Download Ismpst4i.exe now

x86 Symbols: Download Ismpst4is.exe now

Alpha: Download Ismpst4a.exe now

Alpha Symbols: Download Ismpst4as.exe now

Korean:

x86: Download Ismpst4i.exe now

x86 Symbols: Download Ismpst4is.exe now

Alpha: Download Ismpst4a.exe now

Alpha Symbols: Download Ismpst4as.exe now

Microsoft Windows NT Server version 4.0, Terminal Server Edition
To resolve this problem, obtain the Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package (SRP). For more information about the SRP, click the following article number to view the article in the Microsoft Knowledge Base:

317636 Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package



Windows 2000
Microsoft has confirmed that this problem may result in some degree of security vulnerability in Internet Information Services 5.0. This problem was first corrected in Windows 2000 Service Pack 1.

Windows NT 4.0
Microsoft has confirmed that this problem may result in some degree of security vulnerability in Internet Information Server 4.0.



MORE INFORMATION
For related information about this problem, please visit the following Microsoft TechNet Web site:

http://www.microsoft.com/technet/security/bulletin/ms00-031.mspx

For more security-related information about Microsoft products, please visit the following Microsoft Web site:

http://www.microsoft.com/security

For more information about what else is fixed by this update, click the following article number to view the article in the Microsoft Knowledge Base:

260069 Malformed HTR request returns source code for ASP scripting files

Additional query words: security_patch DoS denial of service

Keywords: kbdownload kbbug kbfix kbwin2000sp1fix kbgraphxlinkcritical kbqfe kbsecurity atdownload kbhotfixserver KB260838

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.