CVE-1999-1233

Description

IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.

Affected products

• Microsoft / internet_information_server4.0 – 4.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/3306
• MISChttp://support.microsoft.com/support/kb/articles/Q241/5/62.asp
• MISChttp://www.securityfocus.com/bid/657
• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039