Intrusion Prevention

MS.IIS.Repeated.Parameter.Request.DoS

Description

This indicates a possible attack against a denial-of-service vulnerability in Microsoft Internet Information Services.
The vulnerability is due to an error when the vulnerable software handles a specially crafted request with repeated parameters. An attacker may exploit this to cause denial of service.

Affected Products

Microsoft IIS 5.1
Microsoft IIS 6.0
Microsoft IIS 7.0
Microsoft IIS 7.5

Impact

System compromise

Recommended Actions

Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/Bulletin/ms10-065.mspx

CVE References

CVE-2010-1899