The UriMaxUriBytes registry entry must be set properly.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-13721 | WA000-WI6094 IIS6 | SV-38167r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Http.sys is the kernel mode driver that handles HTTP requests. There are several registry keys associated with http.sys. The UriMaxUriBytes key is used to set size limits on what is cached in the kernel response cache. Setting this value to large may cause performance or Denial of Service conditions on the web server. |
| STIG | Date |
|---|---|
| IIS6 Server | 2015-06-01 |
Details
| Check Text ( C-37548r1_chk ) |
|---|
| 1. Open the registry editor. 2. Navigate to the following location in the registry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. 3. Ensure the value for the UriMaxUriBytes key is set to REG_DWORD 262144 (or less). If the registry value is not set to 262144 (or less) or is missing, this is a finding. |
| Fix Text (F-32794r1_fix) |
|---|
| 1. Open the registry editor. 2. Navigate to the following location in the registry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. 3. Set the value for the UriMaxUriBytes key to REG_DWORD 262144 or add the key and set it to REG_DWORD 262144. |