Detections
Analytics

Microsoft IIS Frontpage Server Extensions (FPSE) Malformed Form DoS

high Nessus Plugin ID 10585

Synopsis

The remote web server is vulnerable to a denial of service

Description

Microsoft IIS, running Frontpage extensions, is vulnerable to a remote denial of service attack usually called the 'malformed web submission' vulnerability. An attacker, exploiting this vulnerability, will be able to render the service unusable.

If this machine serves a business-critical function, there could be an impact to the business.

Solution

Microsoft has released a set of patches for IIS 4.0 and 5.0.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-100

Plugin Details

Severity: High

ID: 10585

File Name: IIS_frontpage_DOS_2.nasl

Version: 1.28

Type: remote

Family: Web Servers

Published: 7/22/2003

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 12/22/2000

Reference Information

CVE: CVE-2001-0096

BID: 2144

MSFT: MS00-100

MSKB: 280322