Revised December 15, 2005
May 26, 2004
NOTICE:
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Products Affected
|
Product |
Comments |
|---|---|
|
Cisco MeetingPlace Web Conferencing |
All |
Problem Description
Note: This Field Notice is a legacy Latitude Field Notice that has been converted to the Cisco format so the information would remain available to their customers.
Note: This is a Microsoft problem that may impact Meeting Place applications.
Unchecked Buffer in Index Server ISAPI Extension Can Enable Web Server Compromise.
There is a technical explanation in the Knowledge Base article Q300972. Here are some of the symptoms:
-
Changing web content
-
Executing operating system commands
-
Reconfiguring the server
-
Loading additional software onto the server and executing it
-
Stopping the Web Server
Example
Cisco had several complaints that scheduling was inaccessible via MP Outlook client. Cisco noticed that all the websites on the NT Gateway server were stopped. When you try to start the websites it will give you a "WinSock Error" and you have to reboot the NT machine.
Problem Symptoms
Potentially, this could affect any Meeting Place products that rely on IIS for functionality. The worm attacks both Windows NT and Windows 2000 servers as long as they have IIS installed. There are two different hot fixes depending on the version of Windows running on the NT gateway machine.
Workaround/Solution
Install the hot fix for the associated Windows Server release, which can be downloaded from Customer Support Resource Center, or the Microsoft web site.
Windows 2000 Internet Server Security Tool
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.