
CVE-2000-0304: Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to

Medium
Tags: Vulnerability, CVE-2000-0304, denial of service
Published: Wed May 10 2000 (05/10/2000, 04:00:00 UTC)
Source: NVD
Vendor/Project: microsoft
Product: internet_information_server

Description

Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.

AI-Powered Analysis

Last updated: 06/19/2025, 19:35:10 UTC

Technical Analysis

CVE-2000-0304 is a vulnerability affecting Microsoft Internet Information Services (IIS) versions 4.0 and 5.0 when the IISADMPWD virtual directory is installed. This virtual directory is typically used to allow users to change their passwords via a web interface. The vulnerability arises from the way the inetinfo.exe process handles malformed HTTP requests, specifically those targeting the .HTR files used by the IISADMPWD directory. An attacker can craft a specially malformed request that is not properly delimited, causing the inetinfo.exe process to crash or become unresponsive, resulting in a denial of service (DoS) condition. This vulnerability does not allow for unauthorized access or data compromise but impacts the availability of the web server. The attack vector is network-based, requiring no authentication or user interaction, and can be executed remotely. The CVSS base score is 5.0 (medium severity), reflecting the ease of exploitation and the impact limited to availability. Microsoft has released patches to address this issue, as documented in their security bulletin MS00-031. No known exploits have been observed in the wild, but unpatched systems remain vulnerable to potential DoS attacks that could disrupt web services relying on IIS 4.0 or 5.0 with the IISADMPWD directory enabled.

Potential Impact

For European organizations, the primary impact of this vulnerability is the potential disruption of web services hosted on IIS 4.0 or 5.0 servers with the IISADMPWD virtual directory enabled. This could affect internal or external-facing web applications, particularly those that rely on IIS for user authentication or password management. The denial of service could lead to temporary loss of availability, impacting business operations, customer access, and internal workflows. While the vulnerability does not compromise confidentiality or integrity, the availability impact could be significant for organizations with critical web infrastructure or those in sectors where uptime is essential, such as finance, healthcare, and government services. Additionally, organizations that have not updated legacy systems or have not disabled the IISADMPWD directory remain at risk. Given the age of the vulnerability, it is less likely to affect modern environments but could still pose risks in legacy or poorly maintained systems.

Mitigation Recommendations

1. Apply the official Microsoft patches provided in security bulletin MS00-031 immediately to all affected IIS 4.0 and 5.0 servers.
2. If patching is not immediately possible, disable or remove the IISADMPWD virtual directory to eliminate the attack surface.
3. Restrict network access to IIS servers, especially limiting exposure of the IISADMPWD directory to untrusted networks or the internet.
4. Implement network-level protections such as intrusion detection/prevention systems (IDS/IPS) to detect and block malformed HTTP requests targeting .HTR files.
5. Monitor IIS server logs for unusual or malformed requests that could indicate exploitation attempts.
6. Consider upgrading to supported versions of IIS and Windows Server to reduce exposure to legacy vulnerabilities.
7. Conduct regular vulnerability assessments and penetration testing focused on legacy systems to identify and remediate similar risks.
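A log check supporting recommendation 5, added here as an example (not from the advisory or from Microsoft): it parses IIS W3C extended log records by their #Fields header and flags every request for a .htr resource, calling out those under the IISADMPWD virtual directory so that any hit after the directory has been removed stands out. The log excerpt, client addresses and .htr file names are constructed.

```python
"""Flag .HTR (IISADMPWD) requests in IIS W3C extended log excerpts."""
from dataclasses import dataclass

# Constructed sample W3C extended log excerpt; not captured from any real server.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2000-05-10 04:00:01 10.0.0.5 GET /default.htm - 200 Mozilla/4.0
2000-05-10 04:00:02 10.0.0.9 GET /iisadmpwd/example.htr - 200 Mozilla/4.0
2000-05-10 04:00:03 192.0.2.7 GET /iisadmpwd/example.htr - 500 -
2000-05-10 04:00:04 192.0.2.7 POST /scripts/probe.HTR - 404 -
2000-05-10 04:00:05 10.0.0.5 GET /images/logo.gif - 200 Mozilla/4.0
"""

@dataclass
class Finding:
    time: str
    client: str
    method: str
    uri: str
    status: str
    reason: str

def parse_w3c(text):
    """Yield one dict per record, keyed by the column names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names follow the directive
            continue
        if not line.strip() or line.startswith("#") or fields is None:
            continue  # other directive, blank line, or no header seen yet
        parts = line.split()  # W3C records are space-delimited
        if len(parts) != len(fields):
            continue  # skip truncated or malformed rows rather than mis-map them
        yield dict(zip(fields, parts))

def find_htr_requests(text):
    """Return every request for a .htr resource; IISADMPWD paths are called out."""
    findings = []
    for rec in parse_w3c(text):
        stem = rec.get("cs-uri-stem", "")
        low = stem.lower()  # IIS paths are case-insensitive, so .HTR == .htr
        if not low.endswith(".htr"):
            continue
        reason = ("request to IISADMPWD .htr resource" if low.startswith("/iisadmpwd/")
                  else ".htr request outside IISADMPWD")
        findings.append(Finding(rec["time"], rec["c-ip"], rec["cs-method"],
                                stem, rec["sc-status"], reason))
    return findings
```

Run it against a real log by reading the file into `find_htr_requests`; on a server where IISADMPWD has been removed, every finding is worth a look.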


Threat ID: 682ca32db6fd31d6ed7dfabf

Added to database: 5/20/2025, 3:43:41 PM

Last enriched: 6/19/2025, 7:35:10 PM

Last updated: 7/30/2025, 6:32:14 PM

