Denial of Service Vulnerability in Response.AddHeader Function in IIS 4.0 and 5.0
CVE-2003-0225 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.
Learn more about our Cis Benchmark Audit For Microsoft Iis.