Malformed URL Causes DoS in IIS 5.0 and Exchange 2000
Microsoft recently released a bulletin (MS01-014) and patch that address an issue in which a malicious attacker could repeatedly submit a malformed URL and create a denial of service (DoS) condition. For more details about this vulnerability and a patch, visit Microsoft's security Web site.
Malformed WebDAV Request Can Cause DoS in IIS 5.0
Another recent Microsoft bulletin (MS01-016) and patch address a situation in which a malicious attacker could repeatedly submit a malformed WebDAV request and create a DoS condition. For more details and a patch, see Microsoft's Web site.