You can place content headers in the body of a response if an ISAPI filter is installed (313489)
The information in this article applies to:
- Microsoft Internet Information Services 5.0
- Microsoft Internet Information Services version 5.1
This article was previously published under Q313489 We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site: SYMPTOMS
When an Internet Information Services (IIS) 5.0 HTTP client or an IIS 5.1 HTTP client sends a Content-Range header or a Content-Type header to IIS, it is possible that when IIS adds its Content-Range header, it may improperly place the header in the body of the HTTP response.
CAUSE
This behavior only occurs if the outgoing headers were modified by an IIS ISAPI filter, which may occur if, for example, you use the IIS security tool, URLscan, to remove the "Server:" header.
RESOLUTION
The update for this problem is included in the "MS02-018: April 2002 Cumulative Patch for Internet Information Services".
For more information about how to obtain this patch, click the following article number to view the article in the Microsoft Knowledge Base:
319733
MS02-018: April 2002 cumulative patch for Internet Information Services
To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack
STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 3.
| Modification Type: | Major | Last Reviewed: | 7/3/2006 |
|---|
| Keywords: | kbHotfixServer kbQFE kbbug kbfix kbWin2000PreSP3Fix kbWin2000sp3fix KB313489 |
|---|
|