Microsoft has released a patch that addresses a denial of service (DoS) vulnerability that exists in Microsoft Internet Information Services (IIS) 5.0 because the function that processes wildcard sequences in FTP commands does not always allocate sufficient memory when performing pattern matching.
Windows 2000 Security Patch: Superfluous Decoding Operation Could Allow Command Execution via IIS is also a cumulative patch that includes the functionality of all security patches released to date for IIS 5.0. This version is the first release on CNET Download.com.
What's new in this version:
This version is the first release on CNET Download.com.