MCI Telecommunications 

                        internetMCI Security Group


Report Name: iMCI MIIGS Security Alert 
Report Number: iMCISE:IMCIMSIIS:083196:01:P1R1
Report Date: 12/10/96
Report Format: Formal
Report Classification: MCI Informational  
Report Reference: http://www.security.mci.net
Report Distribution: iMCI Security, 
		     MCI Internal Internet Gateway Security (MIIGS), 
		     MCI Emergency Alert LiSt (MEALS)
                     (names on file)

----------------------------------------------------------------------------
--- 
The following alert describes a vulnerability discovered within Microsoft's
Internet Information Server 2.0:

As posted by Russ Cooper: Russ.Cooper@RC.on.ca:

After Service Pack 1 for Windows NT 4.0 was released, a bug was found
in Internet Information Server 2.0 (HTTP, FTP, Gopher server) that
would permit someone to easily crash IIS (not NT) via an HTTP command.
Yesterday, the information on how to crash IIS was sent out to a
variety of mailing lists. The result is that a lot of people have this
information in their hands, to do with as they please.
*
A fix has been made available by Microsoft. This fix is to be included
in their next service pack for NT (SP2) which is due out around Dec.
20th. In the meantime, Service Pack 1 has been revised to include this
fix and is available via anonymous FTP from;
*
ftp://ftp.microsoft.com/transfer/outgoing/bussys/mail/sp1a.zip
*
I strongly recommend that any NT 4.0 IIS site, which is exposed to
untrusted networks, should review and apply the above service pack as
soon as possible.
*
Cheers,
Russ
R.C. Consulting, Inc. - NT/Internet Security Consulting
mailto:Russ.Cooper@RC.on.ca <-- *note the new address*



===============================================================