From: Modify 
Date: Thu, 05 Mar 1998 15:50:49 -0800

 I was recently sifting through an out of the box NT server version 4.0.

We installed IIS server and not to my suprise I found a problem with it.  This problem is minor but
could cause problems if the administrator is not aware.  The problem is with the sample html that is
packaged along with IIS.  In more particular, the guestbook example that is found in the

c:\inetpub\wwwroot\samples\isapi\favlist.htm

If a would be malicious person were to type http://www.yourcompany.com/samples they would find that you
were vulnerable to an attack that would chew up disk space in time and possibly crash your machine. 

The problem is that if you send a guestbook entry it is written to a file called drop.htm which is
located at c:\inetpub\wwwroot\samples\isapi\drop.htm.  Your entry is sent to a file called favlist.dll
which is located in c:\inetpub\wwwroot\scripts\samples\favlist.dll .  I am working on a program that
loops and adds large entries to favlist.dll which is sent to drop.htm for viewing on the webpage. 
Imagine hundreds of thousands of entries being looped to that location and chewing up huge amounts of
disk space until there is none left which would cause the NT box to halt and not allow any more data to
be written to it. 

The html code for the form is as follows:

[snipped]

In perl you could place a huge entry for the sDescription section and loop this entire form hundreds
of thousands of times.  This would work on out of the box IIS installs on the NT platform.  I am
currently working on the code that will make this all happen.  

Modify