IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.Referenceshttp://www.securityfocus.com/bid/1190http://www.microsoft.com/technet/support/kb.asp?ID=260205https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-030http://www.ussrback.com/labs40.html
