[15628] in bugtraq

home help back first fref pref prev next nref lref last post

Why to upgrade to: Front Page 2000 Server Extensions 1.2

daemon@ATHENA.MIT.EDU (Dimitri van de Giessen)
Wed Jul 5 17:50:29 2000

Message-Id:  <20000704171245.27940.qmail@securityfocus.com>
Date:         Tue, 4 Jul 2000 17:12:45 -0000
Reply-To: Dimitri van de Giessen <info@IS-WATCH.NL>
From: Dimitri van de Giessen <info@IS-WATCH.NL>
To: BUGTRAQ@SECURITYFOCUS.COM

Why to upgrade to: Front Page 2000 Server Extensions 1.2
********************************************************

Many user's use frontpage server extensions. But why should 
they upgrade to 1.2? Well...We and according to microsoft 
other company's also, found faults in shtml.dll

First of all internet user's can see your path's. This is 
very simple. Just do: 
www.site.com/_vti_bin/shtml.dll/nosuch.htm
Cannot open "D:\Inetpub\virtuals\powerasp\nosuch.htm": no 
such file or 
folder. 
You'll see the path now. This is not handy as you know. 

The second thing we also found is that if you make enough 
connections to shtml.dll than the server goes to 100%
We've got a screenshot of this handle.

Microsoft knows the problems and they're fixing it in Front 
Page 2000 Server Extensions 1.2


The screenshot's are made on a Windows 2000 machine.
****************************************************

Screenshot's:
http://www.is-watch.nl/inetinfo.gif
http://www.is-watch.nl/100.gif
http://www.is-watch.nl/microsoft.jpg <- Microsoft used also 
sample files on www.microsoft.com :-) (they are now gone)

Response of microsoft about the DoS attack:
*******************************************

-----Oorspronkelijk bericht-----
Van: Microsoft Security Response Center 
[mailto:secure@microsoft.com] 
Verzonden: dinsdag 6 juni 2000 4:34
Aan: 'Internet Security Watch'
Onderwerp: RE: DoS attack shtml.dll


Hi Dmitri -

I knew there was something familiar about this issue!  I 
checked our
logs, and it turns out that this is fixed in the web 
release of Front
Page 2000 Server Extensions 1.2, which is due to be 
released to the web
any day now.  Thanks again for writing!

Secure@microsoft.com

About Internet Security Watch 
*********************************
We are a company that test the 
security of a company on request. 
www.is-watch.nl 
info@is-watch.nl 
PGP: www.is-watch.nl/pgp-info.asc
---------------------------------
home help back first fref pref prev next nref lref last post