{"vuid":"VU#544555","idnumber":"544555","name":"Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL redirecting is enabled","keywords":["Microsoft Internet Information Server 4.0","IIS","DoS","denial of service","URL redirecting"],"overview":"A vulnerability in IIS 4.0 may permit intruders to crash vulnerable IIS servers with URL redirection enabled.","clean_desc":"A vulnerability in Microsoft IIS 4.0 allows an attacker to crash IIS 4.0 servers if they are configured to use URL redirection. URL redirection is not used by default. This vulnerability is exercised by the Code Red worm, but is distinct from the vulnerability that allows the worm to compromise systems. For more information, please see http://www.microsoft.com/technet/itsolutions/security/tools/redthree.asp?frame=true No patch is available at this time. Due to the large numbers of systems still infected with Code Red as of this writing, it is likely that systems running IIS 4.0 with redirection enabled will have difficulty maintaining normal operation until and unless URL redirection is disabled, or until a patch is available.","impact":"Intruders can crash vulnerable IIS 4.0 systems. IIS 5.0 is not affected.","resolution":"No patch is currently available.","workarounds":"Until a patch is available disable URL redirection on your system.","sysaffected":"","thanks":"Our thanks to Microsoft for the \ninformation contained on their web site","author":"This document was written by Shawn V. Hernan.","public":["http://www.microsoft.com/technet/itsolutions/security/tools/redthree.asp?frame=true","http://www.kb.cert.org/vuls/id/952336"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-08-13T13:44:20Z","publicdate":"2001-08-13T00:00:00Z","datefirstpublished":"2001-08-14T18:28:27Z","dateupdated":"2001-08-14T19:55:35Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"20","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"8","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"22.5","cam_scorecurrentwidelyknown":"22.5","cam_scorecurrentwidelyknownexploited":"22.5","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":22.5,"vulnote":null}