| Definition Id: oval:org.mitre.oval:def:373 |
Version: 6
Last Modified: 2011-04-26
|
| Title: |
IIS AddHeader Large Header Denial of Service |
| Description: |
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page. |
| Family: |
windows |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2003-0225
|
| Platform(s): |
Microsoft Windows 2000 |
Product(s): |
Microsoft Internet Information Server (IIS) |
| Definition Synopsis: |
|
|
