3 matches found
MS07-041: Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373)
The remote host has a version of IIS that is vulnerable to a remote flaw that could allow an attacker to take the control of the remote web server and execute arbitrary commands on the remote host with the SYSTEM privileges. Tenable Network Security, Inc. include"compat.inc"; if description...
CVE-2005-4360
The URL parser in Microsoft Internet Information Services IIS 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "0" through "9", which causes ntdll.dll to produce a return value that is not correctly...
CVE-2005-4360
Summary (CVE-2005-4360, mode C) : IIS 5.1 on Windows XP Pro SP2 contains a memory/URL parsing vulnerability in the IIS WWW component. A remote attacker can trigger it by sending specially crafted URLs (notably using paths like /_vti_bin/.dll/*/~0), leading to remote code execution with SYSTEM pri...