Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MS11-100 DoS PoC exploit published SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS11-100 DoS PoC exploit published

If you have not patched yet for vulnerability MS11-100 you might want to do it ASAP, because the DoS PoC exploit for this vulnerability has been published two days ago.

More information about the vulnerability and patches at

Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
e-mail: msantand at isc dot sans dot org



Manuel Humberto Santander Pelaacuteez

194 Posts
ISC Handler
Jan 9th 2012
Can you please provide some references for your statement? I have found *nothing* except for a lot of references to this post. My employer usually requires more than a blog post to change a decisions they've already made after a risk analysis.

though I have not tried it.
We have posted ModSecurity mitigation options -

This is useful if you have front-ended your web app servers with a ModSecurity reverse proxy.
@Ryan: thanks for your work on the ModSecurity rules and these additions in particular!
Erik van Straten

126 Posts

Sign Up for Free or Log In to start participating in the conversation!