Denial of Service Vulnerability in IIS 4.0 by Microsoft
CVE-1999-0867

Currently unrated

Key Information:

Vendor: Microsoft
Status: Commercial Internet System; Internet Information Server; Site Server
Vendor: CVE Published:; 11 August 1999

Summary

The vulnerability allows an attacker to exploit the IIS 4.0 web server by sending a flood of HTTP requests that contain malformed headers. This deluge of requests can overwhelm the server, leading to a denial of service condition, effectively making the web service unavailable to legitimate users. Proper mitigation strategies are necessary to protect against such attacks and maintain service availability.

References

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN...

vendor-advisoryx_refsource_MSKB

http://www.ciac.org/ciac/bulletins/j-058.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Dec 8, 1999
Vulnerability published
Aug 11, 1999