CVE-1999-0281

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jun 1, 1997
Updated: Nov 20, 2024

Summary

CVE-1999-0281 is a denial-of-service vulnerability affecting Microsoft IIS (Internet Information Services) servers. Hackers can exploit this flaw by sending specially crafted long URLs to the server, resulting in a resource exhaustion attack. The server's processing power and memory are consumed, effectively denying access to legitimate users. As URL lengths were not properly validated, IIS servers were susceptible to this attack without the need for any authentication. This vulnerability posed a significant threat to web servers in the late 1990s and early 2000s, necessitating swift patches and updates from Microsoft.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share