There is a new exploit for a recently patched Windows Web Server leak. It’s about the hash collision DoS vulnerability in ASP.NET. By sending a special prepared HTTP request, the attacker is able to make the web server use 100% of its CPU.
More information can be found here:
Exploit can be found here: