
Windows Security Patch: Flaw in ISAPI Extension

Daniel Fleshbourne on 28 May 2003 - 19:23

Flaw in ISAPI Extension for Windows Media Services Could Cause Denial of Service
There is a flaw in the way in which nsiislog.dll processes incoming requests. A vulnerability exists because an attacker could send specially formed communications to the server that could cause IIS to stop responding to Internet requests.

Windows Media Services is not installed by default on Windows 2000, and must be downloaded to install on Windows NT 4.0. An attacker attempting to exploit this vulnerability would have to know which computers on the network had Windows Media Services installed and send a specific request to such a server. The denial of service would only affect IIS; other services on the server would remain unaffected.

Download: Windows NT 4.0 Security Patch: Flaw in ISAPI Extension for Windows Media Services
Download: Flaw in ISAPI extension for Windows Media Services (Win2000)
View: Microsoft Security Bulletin MS03-019
News source: Bink.nu
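
Because the flaw is reached through requests that IIS hands to nsiislog.dll, an administrator can review the IIS logs to see which clients have been requesting that extension. The following is an added example, not code from Microsoft or from this article: it parses W3C extended log lines using whatever `#Fields:` directive is in effect and counts requests whose URI stem ends in nsiislog.dll. The sample log, the `/scripts/` path and the addresses are constructed for illustration.

```python
from collections import Counter

# Constructed sample of an IIS W3C extended log (not real traffic).
# The /scripts/ location is an assumption; use the path mapped on your server.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2003-05-28 19:01:10 192.0.2.10 GET /default.htm 200
2003-05-28 19:02:11 198.51.100.7 POST /scripts/nsiislog.dll 200
2003-05-28 19:02:12 198.51.100.7 POST /Scripts/NSIISLOG.DLL 500
2003-05-28 19:03:40 203.0.113.5 GET /scripts/nsiislog.dll 404
#Fields: date time c-ip cs-uri-stem sc-status
2003-05-28 19:05:00 198.51.100.7 /scripts/nsiislog.dll 500
"""

TARGET = "nsiislog.dll"


def find_nsiislog_requests(lines):
    """Yield (client_ip, uri_stem, status) for each request to nsiislog.dll."""
    fields = []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            # The column layout can change mid-file; always honour the
            # most recent #Fields directive instead of fixed positions.
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "")
        # IIS paths are case-insensitive; compare the last path segment.
        if stem.lower().rsplit("/", 1)[-1] == TARGET:
            yield row.get("c-ip", "-"), stem, row.get("sc-status", "-")


def summarize(lines):
    """Count nsiislog.dll requests per (client IP, HTTP status)."""
    return Counter((ip, status) for ip, _, status in find_nsiislog_requests(lines))


if __name__ == "__main__":
    for (ip, status), hits in sorted(summarize(SAMPLE_LOG.splitlines()).items()):
        print(f"{ip}\tstatus={status}\thits={hits}")
```
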


NAT-T and Firewall Rulesets
Because the new NAT-T code is designed around the IETF RFC 3193 and draft-02 of the IETF NAT-T specification, for these services to run through a firewall, you must open the following ports in the firewall rules:
  • L2TP – User Datagram Protocol (UDP) 500, UDP 1701
  • NAT-T – UDP 4500
  • ESP – Internet Protocol (IP) protocol 50

    Note: This may affect server configurations for third-party gateways.
