Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) free download, Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) download on software download

	Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) Eliminate a security vulnerability in Microsoft Internet Information Server.
Download

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) Ranking & Summary

Rating:

License:
Free

Publisher Name:
Microsoft

Publisher web site:
http://www.microsoft.com/

Operating Systems:
Windows NT

File Size:
480.81K

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) Tags

server vulnerability

internet information server

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) Description

From Microsoft : This patch eliminates a security vulnerability in a component that ships as part of Microsoft Internet Information Server. The vulnerability could potentially allow an attacker to prevent an affected web server from providing useful service.The FrontPage Server Extensions (FPSE) ship with and are installed by default as part of IIS 4.0 and 5.0. The most familiar FPSE functions allow Web site and content management; however, FPSE also provides browse-time support functions. Among the functions included in the latter category are ones that help process Web forms that have been submitted by a user. A vulnerability exists in one of these functions. If a malicious user levied a specially-malformed form submission to an affected server, it would cause the IIS service to fail. The vulnerability does not provide the opportunity to misuse any of the FPSE administrative or content management functions.To resume normal operation on an IIS 4.0 server, the operator would need to restart the service. In contrast, if an IIS 5.0 server were attacked via this vulnerability, the IIS service would, by default, automatically restart almost immediately. Although any Web sessions that were in progress at the time of the attack would be lost, the server would be able to accept new connections as soon as the service was restarted. FPSE is installed by default as part of IIS 4.0 and 5.0, but, in keeping with best practices, Microsoft recommends that they be disabled if not needed. CNET Editor's Note: Note: This IIS 4.0 patch can be applied atop systems running Windows NT 4.0 Service Pack 6a or 5. It will be included in Windows NT 4.0 Service Pack 7.

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 4.0) Related Software