Need solution for vulnerability "IIS 5.0 Denial of Service"
-
Hi, A critical vulnerability "IIS 5.0 Denial of Service" has been identified in my web application by HP WebInspect tool. we need to remediate this vulnerability ASAP. I have checked for WebDev in IIS manager, it is disabled. I am trying to search for best solution for this vulnerability, but still not able to search. Please help me on this.
Thanks, Ankur Bakliwal
-
Hi, A critical vulnerability "IIS 5.0 Denial of Service" has been identified in my web application by HP WebInspect tool. we need to remediate this vulnerability ASAP. I have checked for WebDev in IIS manager, it is disabled. I am trying to search for best solution for this vulnerability, but still not able to search. Please help me on this.
Thanks, Ankur Bakliwal
How about asking HP what they mean by that message?
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009... -
Hi, A critical vulnerability "IIS 5.0 Denial of Service" has been identified in my web application by HP WebInspect tool. we need to remediate this vulnerability ASAP. I have checked for WebDev in IIS manager, it is disabled. I am trying to search for best solution for this vulnerability, but still not able to search. Please help me on this.
Thanks, Ankur Bakliwal
This question should have been posted in the Web Development forum only. Do NOT spam multiple forums with the same question.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009... -
How about asking HP what they mean by that message?
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009...IIS 5.0 Denial of Service (4425) Summary If an attacker sends a Webdav request with a body over 49,153 bytes using the ?PROPFIND? or ?SEARCH? request methods, IIS will be forced to restart itself. All web server, email, and active ftp connections will be terminated, along with a disruption of future sessions during the time it takes IIS to restart. Implication A denial of service (DoS) vulnerability allows an attacker to shut down a service remotely by sending data that the service does not properly handle. if you have any idea, then please help me.
Thanks, Ankur Bakliwal
-
This question should have been posted in the Web Development forum only. Do NOT spam multiple forums with the same question.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009...but I think.. this can be related to IIS and can be part of system admin, So i just posted here..
Thanks, Ankur Bakliwal
-
IIS 5.0 Denial of Service (4425) Summary If an attacker sends a Webdav request with a body over 49,153 bytes using the ?PROPFIND? or ?SEARCH? request methods, IIS will be forced to restart itself. All web server, email, and active ftp connections will be terminated, along with a disruption of future sessions during the time it takes IIS to restart. Implication A denial of service (DoS) vulnerability allows an attacker to shut down a service remotely by sending data that the service does not properly handle. if you have any idea, then please help me.
Thanks, Ankur Bakliwal
Again, what's wrong with asking HP what they mean by it and what they recommend doing about it?
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009... -
Again, what's wrong with asking HP what they mean by it and what they recommend doing about it?
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009...I have posted the same question in thire site too.. but didn't get any response yet....
Thanks, Ankur Bakliwal
-
but I think.. this can be related to IIS and can be part of system admin, So i just posted here..
Thanks, Ankur Bakliwal
Now that you've created 5 different threads, you've also created 5 different possible answer threads, none of which are collaborating with each other on a viable answer. HP is your best bet because they know why the error was generated, which can be a multitude of causes.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008
But no longer in 2009...