COMMAND

    ../..

SYSTEMS AFFECTED

    Systems running IIS v2 (Win NT 4.0)

PROBLEM

    Run Telnet, enter  the IP address  of the server.  Choose Port 80.
    Issue the command GET ../ .. <ENTER>

    Additionally, if  the Web  site is  running MS  Proxy Server,  the
    proxy  crashes  too  --  potentially  exposing  the entire network
    depending on how it is built, numbered, and routed.

    This attack causes  Dr. Watson to  display an alert  window and to
    log an error:

        "The application, exe\inetinfo.dbg, generated an
        application error The error occurred on date@ time The
        exception generated was c0000005 at address 53984655
        (TCP_AUTHENT::TCP_AUTHENT"

SOLUTION

    A hot-fix  is available  from Microsoft's  FTP site.  This hot-fix
    has been included in Service Pack 2 for NT 4.0 as well.