First published: Fri Jan 05 2007
** DISPUTED ** Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Information Services | | |
CVE-2007-0087 is considered a denial of service vulnerability that can impact the availability of Microsoft Internet Information Services.
To mitigate CVE-2007-0087, implement network filters that restrict large TCP window sizes, and monitor for unusual traffic patterns.
CVE-2007-0087 affects Microsoft Internet Information Services installations that accept TCP connections with a large window size.
The impact of CVE-2007-0087 is that an attacker can consume network bandwidth, leading to potential service interruptions.
A practical workaround for CVE-2007-0087 includes adjusting server configurations to limit the handling of malicious Range headers.
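One way to recognise the Range headers described above, as an added example that is not part of the advisory or of any Microsoft code: it parses a `bytes=` Range header, flags repeated copies of the same fragment, and computes how many times the resource size the response body would be. The limits `MAX_RANGES` and `MAX_COPIES`, the function names and the sample header are assumptions made for illustration.

```python
import re
from collections import Counter
# Assumed policy limits for this sketch; the advisory gives no numbers.
MAX_RANGES = 5        # most range-specs accepted in one header
MAX_COPIES = 1        # times the same fragment may be requested
SAMPLE = "bytes=0-999,0-999,0-999,0-999"  # constructed header, not captured traffic
_SPEC = re.compile(r"^(\d*)-(\d*)$")

def parse_range_header(value):
    """Parse 'bytes=a-b,c-d' into [(first, last), ...]; None marks an open end."""
    unit, sep, specs = value.strip().partition("=")
    if not sep or unit.strip().lower() != "bytes":
        raise ValueError("unsupported range unit")
    ranges = []
    for part in (p.strip() for p in specs.split(",") if p.strip()):
        m = _SPEC.match(part)
        if not m or not (m.group(1) or m.group(2)):
            raise ValueError(f"malformed range-spec {part!r}")
        first = int(m.group(1)) if m.group(1) else None
        last = int(m.group(2)) if m.group(2) else None
        if first is not None and last is not None and last < first:
            raise ValueError(f"inverted range-spec {part!r}")
        ranges.append((first, last))
    if not ranges:
        raise ValueError("empty range set")
    return ranges

def amplification(ranges, size):
    """Body bytes these ranges select, divided by the resource size (size > 0)."""
    total = 0
    for first, last in ranges:
        if first is None:                      # suffix form: last N bytes
            total += min(last, size)
        elif first < size:                     # ranges past EOF select nothing
            end = size - 1 if last is None else min(last, size - 1)
            total += end - first + 1
    return total / size

def check_range_header(value):
    """Return 'ok', 'malformed', 'duplicate_ranges' or 'too_many_ranges'."""
    try:
        ranges = parse_range_header(value)
    except ValueError:
        return "malformed"
    if max(Counter(ranges).values()) > MAX_COPIES:
        return "duplicate_ranges"
    if len(ranges) > MAX_RANGES:
        return "too_many_ranges"
    return "ok"
```

The same check can be run over logged request headers to find clients that repeat fragments, or placed in a filter in front of the server to reject such requests.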