CVE-2000-0167

Internet Information Server - Denial of Service via Long Filename in Pickup Directory

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0167. PoCs published by Valentijn.

AI-analyzed exploit summary This exploit creates a malformed email file with a long filename in the IIS pickup directory, causing inetinfo.exe to crash due to a buffer overflow. The PoC generates a file with an 80+ character name and a .eml extension, triggering a DoS condition.

Description

IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Valentijn · textdoswindows
https://www.exploit-db.com/exploits/20310

This exploit creates a malformed email file with a long filename in the IIS pickup directory, causing inetinfo.exe to crash due to a buffer overflow. The PoC generates a file with an 80+ character name and a .eml extension, triggering a DoS condition.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Microsoft IIS 4.0/5.0
Auth required
Prerequisites: Access to the IIS server's mailroot\pickup directory · Ability to create files in the directory
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

EPSS 0.0271
EPSS Percentile 84.2%

Details

Status published
Products (1)
microsoft/internet_information_server 4.0
Published Feb 15, 2000
Tracked Since Feb 18, 2026