MS00-030: HTTP request with a large number of dots or dot-slashes causes high CPU utilization

This article was previously published under Q260205
This article has been archived. It is offered "as is" and will no longer be updated.
Notice
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:For more information about IIS 7.0, visit the following Microsoft Web site:
Symptoms
An HTTP GET request with a large number of dots (..) or dot-slashes (././) in the URL can cause high CPU utilization for the Inetinfo process.
Cause
IIS determines how to process a URL based on its extension. When there are a large number of dots or dot-slashes, the Inetinfo process consumes all the CPU power for the time that it takes to determine the right extension.
Resolution

Windows 2000

Service pack information

To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack

Hotfix information

The following files are available for download from the MicrosoftDownload Center:



For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Windows NT 4.0

Hotfix information

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Microsoft Windows NT 4.0 that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The following files are available for download from the Microsoft Download Center:


US English:Chinese (Simplified):Chinese (Traditional):Dutch:French:German:Japanese:Korean:Portuguese (Brazil):Spanish:Swedish:Note Debug symbol files are required by an administrator to do both kernel and user mode debugging, providing a method to resolve global variables and function names in the loaded executable file. Click the file names below to download the symbol files.

US English:Chinese (Simplified):Chinese (Traditional):German:Japanese:Korean: For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table.
   Date     Time     Version    Size     File name     Platform   ------------------------------------------------------------   4/24/00  12:11PM  4.2.743.1  228,496  W3svc.dll     x86   4/24/00  12:11PM  4.2.743.1   25,360  Sspifilt.dll  x86   4/24/00  12:11PM  4.2.743.1   38,256  Ssinc.dll     x86   4/24/00  12:10PM  4.2.743.1  185,760  Infocomm.dll  x86				

Microsoft Windows NT Server version 4.0, Terminal Server Edition

Security Rollup Package information

To resolve this problem, obtain the Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package (SRP). For more information about the SRP, click the following article number to view the article in the Microsoft Knowledge Base:
317636 Windows NT Server 4.0, Terminal Server Edition, Security Rollup Package
Status

Windows 2000

Microsoft has confirmed that this is a problem in Internet Information Services 5.0. This problem was first corrected in Windows 2000 Service Pack 1.

Windows NT 4.0

Microsoft has confirmed that this is a problem in Internet Information Server 4.0.
More information
With this hotfix installed, the dots in the URL are counted. If the number of dots exceeds the default value of 100, you receive an error message. You can also configure this value through the registry. To do this, follow these steps:
  1. Start Registry Editor.
  2. Locate the following key in the registry:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\w3svc\Parameters
  3. On the Edit menu, click Add Value, and then add the following registry value:
    Value Name: MAXDEPTHDOTS
    Data Type: REG_DWORD
    Value: 100
  4. Quit Registry Editor.
For more information about this problem, visit the following Microsoft TechNet Web site: For more information about security and Microsoft products, visit the following Microsoft TechNet Web site: For more information about how to install Windows 2000 and Windows 2000 fixes at the same time, click the following article number to view the article in the Microsoft Knowledge Base:
249149 Installing Microsoft Windows 2000 and Windows 2000 hotfixes
security_patch
Properties

Article ID: 260205 - Last Review: 10/26/2013 10:47:00 - Revision: 11.0

  • kbnosurvey kbarchive kbhotfixserver kbdownload kbbug kbfix kbgraphxlinkcritical kbqfe kbsecurity kbwin2000sp1fix KB260205
Feedback