Denial of Service Vulnerability in Microsoft IIS
CVE-2007-0087

Currently unrated

Key Information:

Vendor

Microsoft
Status
Internet Information Server
Vendor
CVE Published:
5 January 2007

What is CVE-2007-0087?

Microsoft Internet Information Services (IIS) is vulnerable to a denial of service attack when accessed through a TCP connection with an unusually large window size. This vulnerability allows remote attackers to exploit the server by sending a Range header that includes multiple duplicates of the same data fragment, which can lead to excessive consumption of network bandwidth. Although some experts have argued that the required configurations for this attack are uncommon, the potential for disruption emphasizes the importance of securing IIS installations against such network-oriented threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/455920/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/455879/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/455833/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

42% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.