PT-2002-2801 · Microsoft · Site Server
Published: 2002-12-31 · Updated: 2008-09-05
CVE-2002-2081
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions:
Microsoft Site Server version 3.0
Description:
The issue allows remote attackers to cause a denial of service, specifically disk consumption, by sending an HTTP POST request with a file that has a long TargetURL parameter. This causes the server to abort and leaves the uploaded file in the c:\temp directory.
Recommendations:
For Microsoft Site Server version 3.0, consider restricting access to the cphost.dll module to minimize the risk of exploitation. As a temporary workaround, restrict the length of the TargetURL parameter in HTTP POST requests to prevent abuse.
Affected Products
Site Server
Cphost.Dll