Registry Change Might Prevent DoS Attack; Unchecked Buffer Vulnerability

In this issue of Keeping Up with IIS, Allen Jones brings you up to speed on two new vulnerabilities that concern recent DoS attacks and IIS 4.0 components with unchecked buffers.

Allen Jones

May 8, 2000


Registry Change Might Prevent DoS Attack
A new Microsoft article recommends that customers running IIS 4.0 with Service Pack 5 (SP5) or later, or IIS 5.0, modify a Registry setting that might help stave off one type of Denial of Service (DoS) attack. The Microsoft article "Description of the MaxClientRequestBuffer Registry Value" describes the MaxClientRequestBuffer value. Note that the article doesn't really suggest a value. You can determine by trial which value works best for you, based on the maximum size of your incoming client HTTP request header. (For me, 512 bytes was more than adequate.)
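One way to size the value from captured traffic before changing the Registry, as an added example that is not from the original article or from Microsoft. The sample requests are constructed, the function names are hypothetical, and the script assumes the limit applies to the request line plus headers up to the blank line.

```python
import math

# Constructed sample requests (not taken from any real capture).
SAMPLES = [
    b"GET /default.asp HTTP/1.0\r\nHost: www.example.com\r\n\r\n",
    b"GET /catalog/item.asp?id=42 HTTP/1.1\r\nHost: www.example.com\r\n"
    b"User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT)\r\n"
    b"Accept: */*\r\nCookie: ASPSESSIONID=" + b"A" * 24 + b"\r\n\r\n",
    b"POST /feedback.asp HTTP/1.1\r\nHost: www.example.com\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 300\r\n\r\n" + b"c" * 300,
]


def header_size(raw):
    """Bytes in the request line plus headers, including the blank line.

    The body is not counted. Returns None when the terminating blank
    line is missing (a truncated or still-arriving request).
    """
    ends = [raw.find(t) + len(t) for t in (b"\r\n\r\n", b"\n\n") if t in raw]
    return min(ends) if ends else None


def survey(requests, headroom=1.25, step=64):
    """Largest complete header block seen, plus a rounded-up candidate value.

    headroom and step are assumptions of this example, not Microsoft guidance.
    """
    sizes = [s for s in map(header_size, requests) if s is not None]
    if not sizes:
        raise ValueError("no complete request headers in the sample")
    largest = max(sizes)
    suggested = math.ceil(largest * headroom / step) * step
    return {"sizes": sizes, "largest": largest, "suggested": suggested}


def over_limit(requests, limit):
    """Indexes of requests whose header block would not fit in `limit` bytes.

    An unterminated request is measured by the bytes received so far.
    """
    return [i for i, r in enumerate(requests)
            if (header_size(r) or len(r)) > limit]


if __name__ == "__main__":
    print(survey(SAMPLES))
    print("would exceed 512 bytes:", over_limit(SAMPLES, 512))
```

Run `over_limit` against a candidate value before applying it: any index it returns is a legitimate request that the lower limit would affect.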

Unchecked Buffer Vulnerability
Microsoft noted that two components that ship with IIS 4.0, Microsoft Personal Web Server 4.0, and Microsoft FrontPage 97 and 98 Server Extensions—htimage.exe and imagemap.exe—contain unchecked buffers that, if overrun, might let users execute code in their own security context. There is no elevation of privileges, and crashing the Web server isn't possible with this vulnerability because the malicious code executes in the user’s own security context and out of process. Click here for more information about this vulnerability.
