CVE

Id
228  
CVE No.
CVE-1999-0229  
Status
Candidate  
Description
Denial of service in Windows NT IIS server using ....  
Phase
Modified (19991228-02)  
Votes
ACCEPT(2) Baker, Shostack | MODIFY(2) Frech, Wall | NOOP(1) Northcutt | REJECT(1) Christey | REVIEWING(1) Levy  
Comments
Wall> Denial of service in Windows NT IIS Server 1.0 using ..... | Source: Microsoft Knowledge Base Article Q115052 - IIS Server. | Frech> XF:http-dotdot (not necessarily IIS?) | Christey> DELREF XF:http-dotdot - it deals with a read/access dot dot | problem. | Christey> This actually looks like XF:iis-dot-dot-crash(1638) | http://xforce.iss.net/static/1638.php | If so, include the version number (2.0) | | CHANGE> [Christey changed vote from REVOTE to REJECT] | Christey> Bill Wall intended to suggest Q155052, but the affected | IIS version there is 1.0; the effect is to read files, | so this sounds like a directory traversal problem, | instead of an inability to process certain strings. | | As a result, this candidate is too general, since it could | apply to 2 different problems, so it should be REJECTed. | Christey> Consider adding BID:2218  

Actions

Related CVE References

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
64357 JVNDB-1999-000005 Microsoft IIS の ../.. を含むリクエストによるサービス運用妨害 (Dos) の脆弱性 Microsoft IIS には、クライアントから URI に../.. を含むリクエストを受け取った場合、サービス運用妨害 (Dos) 状態となる脆弱性が存在します。 CVE-1999-0229 228 5 http://jvndb.jvn.jp/ja/contents/1999/JVNDB-1999-000005.html  View