Vulnerabilities > CVE-2001-0337 - Denial-Of-Service vulnerability in IIS Far East Edition

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2001-06-27

Updated: 2018-10-12

Summary

The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Information Server - Microsoft Internet Information Server 1.0 Microsoft Internet Information Server 2.0 Microsoft Internet Information Server 3.0 Microsoft Internet Information Server 4.0 Microsoft Internet Information Server 5.0	15

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026