CVE-1999-1233

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 31, 1999
Updated: Oct 12, 2018

Summary

CVE-1999-1233 is a vulnerability affecting IIS 4.0 where the initial session request from a user with an IP address that does not resolve to a valid DNS domain is not properly restricted. This issue allows unauthorized access to the IIS server, potentially leading to serious security consequences. An attacker can exploit this vulnerability by sending malicious requests from an IP address with no associated DNS domain, bypassing the access controls designed to restrict access. This vulnerability highlights the importance of validating user requests and implementing robust DNS resolution checks in web servers.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share