PT-2000-1240 · Microsoft · Iis
Publicado
2000-04-12
·
Atualizado
2018-10-30
·
CVE-2000-0258
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
IIS versions 4.0 through 5.0
Description
The issue allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters.
Recommendations
For IIS versions 4.0 through 5.0, consider restricting the number of escaped characters allowed in URLs to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Iis