Short Name |
HTTP:IIS:MALFORMED-EXT-DATA |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
IIS 4.0/5.0 Malformed Extension Data |
Release Date |
2003/05/08 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Microsoft IIS 4.05 and 5.0. Attackers can send a long complex URL that appears to contain a large number of file extensions (malformed extension data in URL) to the server and create a denial of service.
An IIS4 sample site "ExAir" has three ASP pages, that if called directly without having the sample site dlls running, will cause the server CPU to increase to 100%. These pages include: Exair - root/search/advsearch.asp Exair - root/search/query.asp Exair -root/search/search.asp