Microsoft IIS URL Access Violation DoS - Ver2 (CVE-2002-0072)

A denial-of-service vulnerability has been reported in Microsoft IIS. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

CVE-2002-0072

The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server IIS 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service crash when the URL parser accesses a nu...

CVE-2002-0072

CVE-2002-0072 describes a denial-of-service in Microsoft IIS 4.0/5.0/5.1 caused by the w3svc.dll FP2002/ISAPI filter when handling an overly long URL. The error handling rewrites a URL to a null value and then dereferences it, crashing Inetinfo.exe. Affected components: FP2002 Front Page Server E...

CVE-2002-0072

The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server IIS 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service crash when the URL parser accesses a nu...