YORK-ANNOUNCE-L Archives

York U. announcements list - READ ONLY

YORK-ANNOUNCE-L@YORKU.CA
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
ADVISORY: Microsoft IIS/5.0 Remote System Vulnerability (fwd)
From:
Chris Russel <[log in to unmask]>
Reply To:
York U. announcements list - READ ONLY
Date:
Mon, 17 Mar 2003 15:30:09 -0500
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (36 lines) 
Microsoft Severity Rating: Critical

Affected Software: Windows 2000

Summary: A new vulnerability in Microsoft Internet Information Server/5.0
(included with all versions of Windows 2000) can be exploited by an
attacker to remotely gain privleged access to the affected system. All
adminstrators and end-users who are running Windows 2000 systems should
check to see if they are vulnerable and apply the patch which is available
from Microsoft.

Please note that Windows 2000 Server ships with IIS enabled by default,
even if the system is not used as a web server. It can also be enabled on
Windows 2000 Professional. For those systems, the best course of action is
to disable IIS completely.

If you need to run IIS please consider using the "IIS Lockdown Tool"
which configures IIS to run in a more secure configuration from the
default.  Systems which have previously disabled the "WebDAV" feature
using this tool are not vulnerable to this latest bug.

IIS Lockdown Tool:
http://www.microsoft.com/downloads/release.asp?ReleaseID=43955

For more information, please see the Microsoft advisory:
http://www.microsoft.com/technet/security/bulletin/ms03-007.asp

Also, CERT has an advisory here:
http://www.cert.org/advisories/CA-2003-09.html

--
Chris Russel
Manager, CNS Information Security
York University, Toronto, Canada
[log in to unmask]

ATOM RSS1 RSS2