NT IIS错误HTTP请求头DoS漏洞

漏洞信息详情

NT IIS错误HTTP请求头DoS漏洞

• CNNVD编号：CNNVD-199908-018
• 危害等级： 中危
  
  
• CVE编号：
  CVE-1999-0867
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  1999-08-11
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Reported to Micros…

IIS 4.0存在漏洞，通过错误头HTTP请求可以造成服务拒绝。

Microsoft released a patch for this vulnerability on August 11, 1999. However, on August 12, 1999 they retracted it due to an error that made IIS hang whenever the logfile was an exact multiple of 64KB. Microsoft re-released the bulletin on August 16, 1999. The new patches are available at:
ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/HDBRK-fix/

来源: BID
名称: 579
链接:http://www.securityfocus.com/bid/579

来源: MS
名称: MS99-029
链接:http://www.microsoft.com/technet/security/bulletin/ms99-029.mspx

来源: CIAC
名称: J-058
链接:http://www.ciac.org/ciac/bulletins/j-058.shtml

来源: MSKB
名称: Q238349
链接:http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q238349