From: NTSD Publisher 
To: NTSD@LISTSERV.NTSECURITY.NET
Date: Mon, 21 Dec 1998 18:50:41 -0700
Subject: [ SECURITY ALERT ]  IIS 3.0 and 4.0 SUBJECT TO DENIAL OF SERVICE

December 21, 1998 - NTSD - Brian Steele and Eugene Kalinin have
discovered a new problem with Internet Information Server where
certain URLs involving GET requests can cause all available system
resources to become consumed, leading to a Denial of Service condition.

Microsoft has released a Knowledge Base article (Q192296) and a hotfix,
both located on their IIS FTP site.

For more information, including the relevant links, please visit:
http://www.ntsecurity.net/scripts/load.asp?iD=/security/iis-get.htm

Thanks for subscribing to NTSD!
Please tell your friends about this list.

Sincerely,
The NTSD Team
http://www.ntsecurity.net