CVE-1999-0449

Summary

CVE-1999-0449 refers to a denial-of-service vulnerability affecting Internet Information Services (IIS) version 4. This issue allows remote attackers to cause CPU consumption by making direct requests to specific scripts, including advsearch.asp, query.asp, and search.asp, installed on the ExAir sample site. Exploiting this vulnerability can result in significant resource drain, making the server unresponsive to legitimate requests. The attacker can repeatedly use these scripts to amplify the impact of the attack and potentially bring down the entire server. IIS users running version 4 are advised to apply the available security patch to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.