Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-1999-1537
HistorySep 01, 2004 - 4:00 a.m.

CVE-1999-1537

2004-09-0104:00:00
mitre
web.nvd.nist.gov
28
cve-1999-1537
iis
encryption
ssl
https
dos
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.1

Confidence

High

EPSS

0.009

Percentile

82.4%

JSON

IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.

Affected configurations

Nvd
Node
microsoftinternet_information_serverMatch3.0
OR
microsoftinternet_information_serverMatch4.0
VendorProductVersionCPE
microsoftinternet_information_server3.0cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:*
microsoftinternet_information_server4.0cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*

Related

cvelist 1
nvd 1
cvelist
cvelist
CVE-1999-1537
2004-09-01 04:00:00
nvd
nvd
CVE-1999-1537
1999-07-07 04:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.1

Confidence

High

EPSS

0.009

Percentile

82.4%

JSON
Related for CVE-1999-1537
cvelist1nvd1