CVE-1999-0448
CVSS 2.0 Score 5 of 10 (medium)
Details
Summary
CVE-1999-0448 is a vulnerability affecting IIS 4.0 and Apache servers. A remote attacker can exploit this issue by manipulating the length of HTTP request methods, making it possible to conceal the actual URL they are trying to access. This can potentially be used to launch further attacks or gain unauthorized access to protected resources. The vulnerability exists due to the servers' failure to enforce proper length restrictions on HTTP request methods. This weakness could pose a significant risk to servers that have not been patched against this known issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft