PT-2001-1379 · Microsoft · Iis+1

Published

2001-03-09

Updated

2020-04-02

CVE-2001-0146

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: IIS versions 5.0 Microsoft Exchange version 2000

Description: The issue allows remote attackers to cause a denial of service due to a memory allocation error. This can be achieved by repeatedly sending a series of specially formatted URLs.

Recommendations: For IIS version 5.0, consider restricting access to prevent repeated specially formatted URL requests until a fix is available. For Microsoft Exchange version 2000, as a temporary workaround, consider implementing measures to limit the impact of repeated specially formatted URL requests. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0146

Affected Products

Iis

Exchange Server

PT-2001-1379 · Microsoft · Iis+1

CVE-2001-0146

Related Identifiers

Affected Products

References · 8