Microsoft IIS 4.0/5.0 - Device File Remote Denial of Service

EDB-ID:

20991


Author:

VIPER_SV

Type:

dos


Platform:

Windows

Date:

2001-07-04


source: https://www.securityfocus.com/bid/2977/info

Microsoft IIS is prone to denial of service attacks by remote attackers. This can occur if the remote attack crafts a URL which tries to pass a script parameter that is a device name.

The end result of exploiting this vulnerability is that the server will crash and a denial of services will occur. The affected services must be restarted to regain normal functionality. 

http://host.int/scripts/script.asp?script=com1