COMMAND

    IIS

SYSTEMS AFFECTED

    IIS 4.0 with "ExAir" sample site

PROBLEM

    mnemonix found  follwing.   This advisory  is for  those that have
    Internet Information Server 4  installed with the IIS  sample site
    "ExAir".   There are  three Active  Server Pages  that, if  called
    directly without the default  ExAir page and associated  dlls ever
    having  been  loaded  into  the  IIS  memory  space, will hang and
    eventually time  out after  90 secs  - the  default script timeout
    period.  Whilst in this  state, processor usage increases to  100%
    and the server becomes very sluggish.  These pages are:

        Exair - root/search/advsearch.asp
        Exair - root/search/query.asp
        Exair -root/search/search.asp

    NTInfoScan will check if your site is vulnerable to this  problem.
    More information about NTInfoScan can be found at:

        http://www.infowar.co.uk/mnemonix/ntinfoscan.htm

SOLUTION

    Microsoft recommens  to everyone  to remove  ALL samples  from any
    production server - incl ExAir, WSH, and ADO samples etc.