CVE-1999-0281
CVSS 2.0 Score 5 of 10 (medium)
Details
Summary
CVE-1999-0281 is a denial-of-service vulnerability affecting Microsoft IIS (Internet Information Services) servers. Hackers can exploit this flaw by sending specially crafted long URLs to the server, resulting in a resource exhaustion attack. The server's processing power and memory are consumed, effectively denying access to legitimate users. As URL lengths were not properly validated, IIS servers were susceptible to this attack without the need for any authentication. This vulnerability posed a significant threat to web servers in the late 1990s and early 2000s, necessitating swift patches and updates from Microsoft.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft