CVE-1999-1233
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-1999-1233 is a vulnerability affecting IIS 4.0 where the initial session request from a user with an IP address that does not resolve to a valid DNS domain is not properly restricted. This issue allows unauthorized access to the IIS server, potentially leading to serious security consequences. An attacker can exploit this vulnerability by sending malicious requests from an IP address with no associated DNS domain, bypassing the access controls designed to restrict access. This vulnerability highlights the importance of validating user requests and implementing robust DNS resolution checks in web servers.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft