CVE-1999-0448

Name of the Vulnerable Software and Affected Versions IIS version 4.0 Apache (affected versions not specified)

Description The issue allows a remote attacker to hide the URL they are requesting by taking advantage of how IIS 4.0 and Apache log HTTP request methods, regardless of their length.

Recommendations For IIS version 4.0, update the logging configuration to properly handle and log HTTP request methods. For Apache, at the moment, there is no information about a newer version that contains a fix for this vulnerability.