Microsoft IIS Malformed HTTP Request Header Remote DoS

Medium Nessus Plugin ID 10119


The remote web server is affected by a remote denial of service vulnerability.


It was possible to crash the remote web server by sending a malformed header request. This flaw allows an attacker to shut down your web server, thus preventing legitimate users from connecting to your web server.


Apply the patch referenced above.

See Also

Plugin Details

Severity: Medium

ID: 10119

File Name: iis_malformed_request.nasl

Version: $Revision: 1.48 $

Type: remote

Family: Web Servers

Published: 1999/08/20

Modified: 2017/08/30

Dependencies: 10107, 11919, 17975

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:microsoft:iis

Required KB Items: Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1999/08/11

Reference Information

CVE: CVE-1999-0867

BID: 579

OSVDB: 1041

MSFT: MS99-029

MSKB: 238349

CWE: 20