Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into ASP programs that internally use Scripting.FileSystemObject.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft IIS设备文件本地拒绝服务漏洞
Vulnerability Description
CVE(CAN) ID: CAN-2001-1243 Microsoft IIS可能会由本地用户引发拒绝服务攻击,前提是本地用户可以创建一个 .asp文件,而这个.asp文件调用了设备文件。 这会导致Microsoft IIS停止响应,只有重新启动才能恢复正常工作。 如果站点自己的asp程序允许用户指定打开的文件,也可能导致拒绝服务发生。
CVSS Information
N/A
Vulnerability Type
N/A