CVE-1999-1537

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jul 7, 1999

Updated: Oct 10, 2017

Summary

CVE-1999-1577 exposes a vulnerability in IIS 3.x and 4.x servers, allowing remote attackers to cause a denial-of-service (DoS) by sending SSL requests to the HTTPS port for unencrypted files. IIS fails to distinguish between encrypted and non-encrypted pages, resulting in additional work to send the files securely, leading to resource exhaustion. This issue can potentially impact the availability of affected servers.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlURT
https://www.cve.org/CVERecord?id=CVE-1999-1537
https://nvd.nist.gov/vuln/detail/CVE-1999-1537

Back to Vulnerability Database