Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability

Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability

Solution:
Microsoft has released an updated security bulletin (MS04-021) and updates to address this issue for supported operating system versions. The updates listed in MS04-021 require that the updates listed in MS03-018 be installed as a perquisite. Please see the referenced advisories for further information.

Avaya has released an advisory that acknowledges this vulnerability for Avaya products. Avaya advise that customers follow the Microsoft recommendations to address this issue. Please see the referenced Avaya advisory at the following location for further details:
http://support.avaya.com/japple/css/japple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=197331&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

Microsoft IIS 4.0

Microsoft Security Update for IIS 4.0 (KB841373)
This fix is for IIS running on Microsoft Windows NT 4.0 Service Pack 6a platforms.
http://download.microsoft.com/download/a/9/7/a9799893-a559-4ac1-bc88-f 9667b5954c4/Q841373I.exe