Alias(es)IIS.ExAir.Search.ASP.Access |
Release DateSep 11, 2006 |
Severitylow |
ImpactAttackers can cause DoS on the victim system. |
DescriptionIt indicates a potential Denial-of-Service (DoS) vulnerability in Microsoft Internet Information Service (IIS) ExAir sample site. There exists a vulnerability in IIS version 4.0 ExAir sample site pages that allows a remote attacker to consume all processing power on a target system by passing it a specially-crafted URL requests. |
Affected ProductsAny unprotected IIS 4.0 is vulnerable to the attack. |
Recommended ActionsApply appropriate patches from Microsoft and/or upgrade the system to the latest non-vulnerable version. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-1999-0449 |
Reference/shttp://www.securityfocus.com/bid/193 (BugTraq) |
