VULHUB ™

It has been reported that SecureIIS exhibits strange behaviour when it recieves large requests (composed of several thousand characters). One of the behaviours that has been reportedly observed is the disclosure of internal memory on error pages in response to excessive requests. The original report stated that in one instance, information about the configuration was disclosed to the attacker sending the request. This may assist attackers in further attacks against the server and network. Further information is forthcoming.

It has been reported that SecureIIS exhibits strange behaviour when it recieves large requests (composed of several thousand characters). One of the behaviours that has been reportedly observed is the disclosure of internal memory on error pages in response to excessive requests. The original report stated that in one instance, information about the configuration was disclosed to the attacker sending the request. This may assist attackers in further attacks against the server and network. Further information is forthcoming.