CVE-2001-0500

2001-07-2104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

297

cve-2001-0500

isapi extension

index server 2.0

iis 6.0 beta

buffer overflow

code red

nvd

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.7%

JSON

Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.

CPENameOperatorVersion
microsoft:internet_information_servermicrosoft internet information serverle6.0
microsoft:indexing_servicemicrosoft indexing serviceeq*
microsoft:index_servermicrosoft index servereq2.0

CPE	Name	Operator	Version
microsoft:internet_information_server	microsoft internet information server	le	6.0
microsoft:indexing_service	microsoft indexing service	eq	*
microsoft:index_server	microsoft index server	eq	2.0