FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
https://exchange.xforce.ibmcloud.com/vulnerabilities/6535
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026