Microsoft has released a patch that addresses a denial of service (DoS) vulnerability that exists in Microsoft Internet Information Services (IIS) 5.0 because the function that processes wildcard sequences in FTP commands does not always allocate sufficient memory when performing pattern matching.
Windows 2000 Security Patch: Superfluous Decoding Operation Could Allow Command Execution via IIS is also a cumulative patch that includes the functionality of all security patches released to date for IIS 5.0.
Requirements:
Windows 2000/XP
Comments not found