CVE-2007-0087

Name of the Vulnerable Software and Affected Versions Microsoft Internet Information Services (IIS) (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service, specifically network bandwidth consumption, by accessing the server through a TCP connection with a large window size and using a Range header that specifies multiple copies of the same fragment. The severity of this issue has been disputed by third parties, who argue that the required large window size is not typically supported or configured by the server, or that a similar effect could be achieved through a DDoS-style attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.