DATE: COMMAND SOURCE: AUTHOR: IIS SYSTEMS AFFECTED WinNT Systems running IIS v2 PROBLEM Run Telnet, enter the IP address of the server. Choose Port 80. Issue the command GET ../ .. <ENTER> Additionally, if the Web site is running MS Proxy Server, the proxy crashes too -- potentially exposing the entire network depending on how it is built, numbered, and routed. This attack causes Dr. Watson to display an alert window and to log an error: "The application, exe\inetinfo.dbg, generated an application error The error occurred on date@ time The exception generated was c0000005 at address 53984655 (TCP_AUTHENT::TCP_AUTHENT" EXPLOIT SOLUTION A hot-fix is available from Microsoft's FTP site. This hot-fix has been included in Service Pack 2 for NT 4.0 as well.