Microsoft IIS Frontpage Server Extensions (FPSE) Malformed Form DoS

High Nessus Plugin ID 10585


The remote web server is vulnerable to a denial of service


Microsoft IIS, running Frontpage extensions, is vulnerable to a remote denial of service attack usually called the 'malformed web submission' vulnerability. An attacker, exploiting this vulnerability, will be able to render the service unusable.

If this machine serves a business-critical function, there could be an impact to the business.


Microsoft has released a set of patches for IIS 4.0 and 5.0.

See Also

Plugin Details

Severity: High

ID: 10585

File Name: IIS_frontpage_DOS_2.nasl

Version: $Revision: 1.25 $

Type: remote

Family: Web Servers

Published: 2003/07/22

Modified: 2017/08/30

Dependencies: 10107, 11919, 17975

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2000/12/22

Reference Information

CVE: CVE-2001-0096

BID: 2144

OSVDB: 482

MSFT: MS00-100

MSKB: 280322