IIS Repeated Parameter Request Denial Of Service Vulnerability
Schweregrad:: Mittel
CVE Kennungen:: CVE-2010-1899
Hinweisdatum: 21 Juli 2015
Beschreibung
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."
nvd: Per: http://www.microsoft.com/technet/security/Bulletin/MS10-065.mspx
'ASP pages are prohibited by default on IIS 6.0. - The vulnerability is only exploitable when the ASP script writes parameters from the request in the response.'
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1004396
Trend Micro Deep Security DPI Rule Name: 1004396 - IIS Repeated Parameter Request Denial Of Service Vulnerability
Betroffene Software und Version:
- Microsoft IIS 5.1
- Microsoft IIS 6.0
- Microsoft IIS 7.0
- Microsoft IIS 7.5