Ooops. Wrong list......and a long day. I didn't mean to ruffle your feathers.....
From: R. E. Paret [SMTP:rparet @
Sent: Monday, December 09, 1996 11:57 PM
To: Mark Joseph Edwards
Cc: 'firewalls @
Subject: Re: Another IIS Bug
On Mon, 9 Dec 1996, Mark Joseph Edwards wrote:
> Wanna see something ridiculous?
> Telnet to your favorite (?) IIS Web server on port 80 (of course) and enter this "GET ../.." and press ENTER.
> The Web server crashes! Geez. Talk about denial of service..........
The only thing ridiculous here is your post. Not only is it off topic,
but that bug you mentioned was fixed VERSIONS ago. There have been many
other bugs since then (like phf) which have also been patched, making any
DOS attack using that method totally ineffective.
R. E. Paret