Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft IIS 4.0 "ExAir"示例脚本远程拒绝服务攻击漏洞
Vulnerability Description
IIS 4.0是一款Windows NT系统自带的的Web服务器软件,由Microsoft公司开发维护。默认情况下,IIS会安装一些例子脚本程序。 某些例子程序实现上存在问题,远程攻击者可利用此漏洞导致服务器拒绝服务攻击。 在/IISSAMPLES/ExAir/Search/的目录下存在几个文件: advsearch.asp query.asp search.asp 如果直接访问这些文件而样例站点的动态链接库没有运行的话,将导致CPU使用率达到100%,机器速度将明显变慢。
CVSS Information
N/A
Vulnerability Type
N/A