Trend Micro Security

IIS Repeated Parameter Request Denial Of Service Vulnerability

2015年7月21日
  危険度: :
  CVE識別番号: CVE-2010-1899

  概要

Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability." nvd: Per: http://www.microsoft.com/technet/security/Bulletin/MS10-065.mspx 'ASP pages are prohibited by default on IIS 6.0. - The vulnerability is only exploitable when the ASP script writes parameters from the request in the response.'

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1004396
  Trend Micro Deep Security DPI Rule Name: 1004396 - IIS Repeated Parameter Request Denial Of Service Vulnerability

  影響を受けるソフトウェア

  • Microsoft IIS 5.1
  • Microsoft IIS 6.0
  • Microsoft IIS 7.0
  • Microsoft IIS 7.5