IIS AddHeader Large Header Denial of ServiceID: oval:org.mitre.oval:def:373 | Date: (C)2003-10-10 (M)2018-02-19 |
Class: VULNERABILITY | Family: windows |
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.
Platform: |
Microsoft Windows 2000 |
Product: |
Microsoft Internet Information Server (IIS) |