CVE Catalog

CVE-2000-0167

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
2.71%

84th percentile — higher than 84% of all known CVEs

Summary

IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.

Risk Assessment

An attacker can disrupt access to IIS services, leading to downtime for applications and affecting system availability.

Recommendation

It is recommended to monitor the pickup directory and restrict access for local users to prevent the creation of files with long names.

Original NVD description (English source)

IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS