header-logo
Suggest Exploit
vendor:
IIS
by:
SecurityFocus
7.5
CVSS
HIGH
Microsoft IIS Denial of Service
400
CWE
Product Name: IIS
Affected Version From: Microsoft IIS 4.0
Affected Version To: Microsoft IIS 5.0
Patch Exists: YES
Related CWE: CVE-2001-0241
CPE: a:microsoft:iis
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2001

Microsoft IIS Denial of Service

Microsoft IIS is prone to a denial of service attack when a remote attacker crafts a URL which tries to pass a script parameter that is a device name. The end result of exploiting this vulnerability is that the server will crash and a denial of service will occur.

Mitigation:

Microsoft has released a patch to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2977/info

Microsoft IIS is prone to denial of service attacks by remote attackers. This can occur if the remote attack crafts a URL which tries to pass a script parameter that is a device name.

The end result of exploiting this vulnerability is that the server will crash and a denial of services will occur. The affected services must be restarted to regain normal functionality. 

http://host.int/scripts/script.asp?script=com1

Navigation

Suggest Exploit

Services By CQR