Microsoft IIS MIME标题服务拒绝漏洞

漏洞信息详情

Microsoft IIS MIME标题服务拒绝漏洞

• CNNVD编号：CNNVD-200110-138
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2001-0544
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2001-10-30
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Published in Micro…

IIS 5.0版本存在漏洞。本地用户可以借助引起某个无效MIME Content-Type标题的安装内容导致服务拒绝（挂起），该漏洞使File Type表格损坏。

Microsoft has released the following patch which rectifies this issue:
Microsoft Windows 2000 Server SP2

• Microsoft Q301625
  
  http://download.microsoft.com/download/win2000platform/Patch/q301625/N
  T5/EN-US/Q301625_W2K_SP3_x86_en.EXE

Microsoft Windows 2000 Advanced Server SP1

• Microsoft Q301625
  
  http://download.microsoft.com/download/win2000platform/Patch/q301625/N
  T5/EN-US/Q301625_W2K_SP3_x86_en.EXE

Microsoft Windows 2000 Server SP1

• Microsoft Q301625
  
  http://download.microsoft.com/download/win2000platform/Patch/q301625/N
  T5/EN-US/Q301625_W2K_SP3_x86_en.EXE

Microsoft Windows 2000 Advanced Server SP2

• Microsoft Q301625
  
  http://download.microsoft.com/download/win2000platform/Patch/q301625/N
  T5/EN-US/Q301625_W2K_SP3_x86_en.EXE

Microsoft Windows 2000 Professional SP2

• Microsoft Q301625
  
  http://download.microsoft.com/download/win2000platform/Patch/q301625/N
  T5/EN-US/Q301625_W2K_SP3_x86_en.EXE

Microsoft Windows 2000 Professional SP1

• Microsoft Q301625
  
  http://download.microsoft.com/download/win2000platform/Patch/q301625/N
  T5/EN-US/Q301625_W2K_SP3_x86_en.EXE

来源: MS
名称: MS01-044
链接:http://www.microsoft.com/technet/security/bulletin/ms01-044.asp

来源: XF
名称: iis-invalid-mime-header-dos(6983)
链接:http://xforce.iss.net/static/6983.php

来源: BID
名称: 3195
链接:http://www.securityfocus.com/bid/3195

来源: CIAC
名称: L-132
链接:http://www.ciac.org/ciac/bulletins/l-132.shtml