here is the file from the site along with the URL.
DOCUMENT:Q143484 [winnt]
TITLE: Internet Information Server Denial Of Service Attack
PRODUCT: Microsoft Windows NT
PROD/VER:4.00
OPER/SYS:WINDOWS
KEYWORDS:kbbug4.00 kbfile kbfix4.00
-------------------------------------------------------------------------
The information in this article applies to:
- Microsoft Windows NT Server version 4.0
--------------------------------------------------------------------------
SYMPTOMS
==========
Internet Information Server services are stopped and a Dr. Watson error is
generated referencing the Inetinfo.exe process.
CAUSE
======
The Internet Information Server services will stop when it receives a CGI
request from a browser that contains between 4k to 8k chunk of data
in the URL.
STATUS
======
Microsoft has confirmed this to be a problem in Internet Information Server
version 2.0 and 3.0
A supported fix is now available, but has not been fully regression-tested
and should be applied only to systems experiencing this specific problem.
Unless you are severely impacted by this specific problem, Microsoft
recommends that you wait for the next Service Pack that contains this fix.
Contact Microsoft Technical Support for more information.
The fix is also available for download on the Internet at the following
URL:
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/
hotfixes-postSP3/iis-fix
Additional query words: 4.00 iis
============================================================================
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS
ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO
EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR
ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION
OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
SO THE FOREGOING LIMITATION MAY NOT APPLY.
At 02:53 22/06/97 -0700 CyborG said....
>Microsoft is under Hacker attack at the moment if I am informed well.
>There is a new bug in IIS 3.0 and NT that can take complete webhosting
>service out.
>
>There is more info about this on Microsoft.com and they also have an
>alternative IP address where you can connect directly to a microsoft
>mirror.
>
>.ENDRE
>
>Einars Bindemanis wrote:
>
>> Is www.microsoft.com alive ?
>> could not get in for past 3 hours.
>> Anyone has IIS bugfix on some mirror server ?
>>
>> Thanks,
>> Einars
>>
>> ----------------------------------------------------------
>> NTISP Mailing List listserver@emerald.iea.com
>
>
>
>--
>
> /'^'\
> ( o o )
>/--------------------------------------------------oOOO--(_)--OOOo-----\
>
>| RESISTANCE IS FUTILE You will be assimilated! |
>
>\----------------------------------------------------------------------/
>
>Attachment Converted: "d:\eudora\gordon\attach\vcard2.vcf"
>