|
|
|
 Flaw in ISAPI extension for Windows Media Services could cause denial of service (W2000)Brief DescriptionFlaw in ISAPI extension for Windows Media Services could cause denial of service (817772) On This PageQuick Details
OverviewA security issue has been identified that could allow an attacker to cause a computer running Microsoft Windows 2000 to stop responding to Internet requests. This issue only affects computers configured as web servers. You can help protect your computer by installing this update from Microsoft. System Requirements
InstructionsSupport:
Microsoft Knowledge Base article 817772 discusses this issue and will be available approximately 24 hours after the release of this bulletin. Knowledge Base articles can be found on the Microsoft Online Support web site. Technical support is available from Microsoft Product Support Services. Additional InformationMicrosoft Windows Media Services is a feature of Microsoft Windows 2000 Server, and also available as a downloadable version for Windows NT 4.0. Multicast streaming is supported by Windows Media Services, however there is no direct communication between the server and the users that can be logged by the server. To help with this problem, Windows 2000 Server includes logging capabilities for multicast and unicast transmissions. This capability is implemented as an ISAPI DLL – nsiislog.dll.
There is a flaw in the way in which nsiislog.dll processes incoming requests. A vulnerability exists because an attacker could send communications to the server that would result in a denial of service of IIS. The denial of service would only affect IIS, and other services on the server would remain unaffected. |
||||||||||||||||
