Summary
The host is running Microsoft IIS Webserver and is prone to denial of service vulnerability.
Impact
Successful exploitation will let the remote unauthenticated attackers to force the IIS server to become unresponsive until the IIS service is restarted manually by the administrator.
Impact Level: Application
Solution
Upgrade to latest version of IIS and latest Microsoft Service Packs.
For updated refer, http://www.microsoft.com/
Insight
The flaw is due to an error in the handling of HTTP GET requests that contain a tunable number of '../' sequences in the URL.
Affected
Microsoft Internet Information Server 2.0 and prior on Microsoft Windows NT
References
Severity
Classification
-
CVE CVE-1999-0229 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities