Rapid7 Vulnerability & Exploit Database

NT IIS4 DoS - ExAir Sample Site Vulnerability

Back to Search

NT IIS4 DoS - ExAir Sample Site Vulnerability

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
01/26/1999
Created
07/25/2018
Added
11/01/2004
Modified
07/31/2012

Description

An IIS4 sample site ExAir has three ASP pages, that if called directly without having the sample site dlls running, will cause the server CPU to increase to 100%. These pages include:

  • Exair - root/search/advsearch.asp
  • Exair - root/search/query.asp
  • Exair -root/search/search.asp

Solution(s)

  • http-iis-0037

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;