CVE-2000-0258

CVSS 3.0 Score 7.5 of 10 (high)

Details

Published Apr 12, 2000

Updated: Nov 20, 2024

CWE ID 20

Summary

CVE-2000-0258 refers to a denial-of-service vulnerability affecting Microsoft IIS 4.0 and 5.0. An attacker can exploit this issue by sending multiple URLs containing a large number of escaped characters. This deluge of data overloads the server, causing it to crash and become unavailable to legitimate users. The vulnerability, also known as the "Myriad Escaped Characters" issue, highlights the importance of input validation in web servers to prevent malicious traffic and ensure service continuity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/LFRDxO
https://www.cve.org/CVERecord?id=CVE-2000-0258
https://nvd.nist.gov/vuln/detail/CVE-2000-0258

Back to Vulnerability Database