This script is Copyright (C) 2013 Tenable Network Security, Inc.
A framework used by the remote web server has a denial of service
The web server running on the remote host appears to be using Microsoft
ASP.NET, and may be affected by a denial of service vulnerability.
Requesting a URL containing an MS-DOS device name can cause the web
server to become temporarily unresponsive. An attacker could repeatedly
request these URLs, resulting in a denial of service.
Additionally, there is speculation that this vulnerability could result
in code execution if an attacker with physical access to the machine
connects to a serial port.
See also :
Use an ISAPI filter to block requests for URLs with MS-DOS device
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.8
Public Exploit Available : true