Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability
Microsoft has released an updated security bulletin (MS04-021) and updates to address this issue for supported operating system versions. The updates listed in MS04-021 require that the updates listed in MS03-018 be installed as a perquisite. Please see the referenced advisories for further information.
Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Avaya advise that customers follow the Microsoft recommendations to address this issue. Please see the referenced Avaya advisory at the following location for further details:
Microsoft IIS 4.0