Article ID: 313489
This article was previously published under Q313489
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
When an Internet Information Services (IIS) 5.0 HTTP client or an IIS 5.1 HTTP client sends a Content-Range header or a Content-Type header to IIS, it is possible that when IIS adds its Content-Range header, it may improperly place the header in the body of the HTTP response.
This behavior only occurs if the outgoing headers were modified by an IIS ISAPI filter, which may occur if, for example, you use the IIS security tool, URLscan, to remove the "Server:" header.
The update for this problem is included in the "MS02-018: April 2002 Cumulative Patch for Internet Information Services". For more information about how to obtain this patch, click the following article number to view the article in the Microsoft Knowledge Base:
319733To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(https://support.microsoft.com/kb/319733/ )MS02-018: April 2002 cumulative patch for Internet Information Services
(https://support.microsoft.com/kb/260910/ )How to obtain the latest Windows 2000 service pack
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 3.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(https://support.microsoft.com/kb/316864/ )Problems with Adobe Acrobat 5.0 after you install URLScan