The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
Software | From | Fixed in |
---|---|---|
microsoft / internet_information_server | 4.0 | 4.0.x |