Malformed Request Causes LSA Service to Stop Responding
A specially malformed request to the Microsoft Local Security Authority (LSA)
service can be used to exploit a security vulnerability on a computer running
Windows NT. A user can abuse this vulnerability to run a program and cause a
denial of service that may make the LSA service stop responding (hang) and
require you to restart the computer. You may also receive the following
error message:
Sorry! The Microsoft Exchange Server is down
or the HTTP service has been disabled by an administrator. Please try your
request again later.
The vulnerability involves an unchecked buffer in ISM.DLL. This poses two
threats to safe operation. The first is a denial of service threat. A malformed
request for an .HTR file could overflow the buffer, causing
IIS to crash. The server would not need to be rebooted, but IIS would
need to be restarted.
The second threat would be more difficult to exploit. A carefully constructed
(or malformed) file request could cause arbitrary code to execute on the
server via a classic buffer overrun technique. Neither scenario could occur
accidentally.
Ref: Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability