CVE-2001-1186
Microsoft Internet Information Services 5.0 - Denial of Service via Oversized Content-Length Header
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-1186. PoCs published by Ivan Hernandez Puga.
AI-analyzed exploit summary This exploit demonstrates a denial of service vulnerability in Microsoft IIS 5.0 by sending a malformed HTTP GET request with an excessive Content-Length field. The server keeps the connection open indefinitely, leading to potential resource exhaustion.
Description
Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection.
Exploits (1)
This exploit demonstrates a denial of service vulnerability in Microsoft IIS 5.0 by sending a malformed HTTP GET request with an excessive Content-Length field. The server keeps the connection open indefinitely, leading to potential resource exhaustion.