PT-1999-1132 · Microsoft · Iis

Published

1999-01-26

Updated

2008-09-09

CVE-1999-0449

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions IIS 4

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by making a direct request to certain scripts. The affected scripts include advsearch.asp, query.asp, and search.asp.

Recommendations For IIS 4, consider restricting access to the advsearch.asp, query.asp, and search.asp scripts as a temporary workaround to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-0449

Affected Products

Iis

PT-1999-1132 · Microsoft · Iis

CVE-1999-0449

Related Identifiers

Affected Products

References · 6