Info

Disclosure

Feb 15, 2000

Discovery

Unknown

Dates

Exploit

Feb 15, 2000

Solution

Unknown

Description

Microsoft IIS contains a flaw that may allow a local denial of service. The issue is triggered when a file with a filename with more than 86 characters is placed in the \mailroot\pickup directory and has a .txt.eml extension. This will result in loss of availability for the service and the file will have to be removed and the service restarted to become available.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Microsoft Corporation

IIS

4.0

References

Bugtraq ID: 1819
CVE ID: 2000-0167 (see also: NVD)
ISS X-Force ID: 4790
Mail List Post: http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0002&L=ntbugtraq&F=&S=&P= ......

Credit

Valentijn - iammy.net -

Direct URL: http://osvdb.org/36218