CVE-1999-0448

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jan 1, 1999
Updated: Aug 17, 2022

Summary

CVE-1999-0448 is a vulnerability affecting IIS 4.0 and Apache servers. A remote attacker can exploit this issue by manipulating the length of HTTP request methods, making it possible to conceal the actual URL they are trying to access. This can potentially be used to launch further attacks or gain unauthorized access to protected resources. The vulnerability exists due to the servers' failure to enforce proper length restrictions on HTTP request methods. This weakness could pose a significant risk to servers that have not been patched against this known issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share