guninski26.txt

Georgi Guninski security advisory 26, 2000 IIS 5.0 cross site scripting vulnerability - using .htw Systems affected: IIS 5.0/Windows 2000. Exploited with browser IE,NC but the problem is in the web server. Risk: Medium Date: 28 October 2000 Legal Notice: This Advisory is Copyright c 2000 Georgi...

IIS 5.0 cross site scripting vulnerability - using .htw

Georgi Guninski security advisory 26, 2000 IIS 5.0 cross site scripting vulnerability - using .htw Systems affected: IIS 5.0/Windows 2000. Exploited with browser IE,NC but the problem is in the web server. Risk: Medium Date: 28 October 2000 Legal Notice: This Advisory is Copyright c 2000 Georgi...

CVE-2000-0778

IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability...

CVE-2000-0770

IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability...

CVE-2000-0631

An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability...

CVE-2000-0778

IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability...

CVE-2000-0778

CVE-2000-0778 affects Microsoft IIS (IIS 5.0/5.1). Vulnerability arises from an information-disclosure flaw where an HTTP Translate: f header allows remote attackers to obtain ASP/ASA source code. Affected products include Windows IIS; root cause is improper handling of the Translate header leadi...

CVE-2000-0770

CVE-2000-0770 affects Microsoft IIS 4.0 and 5.0, where file permission canonicalization allows remote attackers to bypass access restrictions on certain files when parent folders have permissive permissions. The connected documents corroborate the issue as the “File Permission Canonicalization” v...

CVE-2000-0630

Summary: IIS 4.0 and 5.0 can disclose fragments of source code by requesting a known file with a appended +.htr, via the ISAPI-based .HTR handling in IIS. What’s affected: Microsoft Internet Information Services (IIS) 4.0/5.0, specifically the mechanism that processes .HTR ISAPI scripts (ISM.DLL)...

Дырка в IIS 5.0

Некорректная реализация WebDAV позволяет получить список директории...

Microsoft IIS 5.0 - Indexed Directory Disclosure

Microsoft IIS 5.0 - Indexed Directory Disclosure source: https://www.securityfocus.com/bid/1756/info If Index Server is enabled in Microsoft Internet Information Server 5.0, it is possible for a remote user to view the entire root directory structure and all sub-directories due to a flaw in the W...

CVE-2000-0746

The CVE-2000-0746 entry concerns a Microsoft IIS XSS vulnerability affecting IIS 4.0 and 5.0. The issue arises from improper handling of unquoted script content in links returned within error messages, allowing a malicious site to craft a link that executes scripts in the context of a trusted sit...

IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll

Georgi Guninski security advisory 19, 2000 IIS 5.0 cross site scripting vulnerability - using .shtml files or /vtibin/shtml.dll This advisory describes two vulnerabilites one is already fixed by Microsoft but I decided to put them together. Systems affected: IIS 5.0/Windows 2000. Exploited with...

Microsoft IIS 5.0 - Translate: f Source Disclosure (1)

Microsoft IIS 5.0 - Translate: f Source Disclosure 1 source: https://www.securityfocus.com/bid/1578/info Microsoft IIS 5.0 has a dedicated scripting engine for advanced file types such as ASP, ASA, HTR, etc. files. The scripting engines handle requests for these file types, processes them...

Microsoft IIS 5.0 - 'Translate: f' Source Disclosure (1)

source: https://www.securityfocus.com/bid/1578/info Microsoft IIS 5.0 has a dedicated scripting engine for advanced file types such as ASP, ASA, HTR, etc. files. The scripting engines handle requests for these file types, processes them accordingly, and then executes them on the server. It is...

CVE-2000-0408

CVE-2000-0408 – Microsoft IIS Malformed File Extension DoS affects IIS 4.05 and 5.0. A remote attacker can trigger a denial of service by sending a long, complex URL that appears to contain a large number of file extensions (Mashed Extension Data in URL). Remediation is associated with Microsoft ...

CVE-2000-0304

Summary: CVE-2000-0304 affects Microsoft IIS 4.0 and 5.0 when the IISADMPWD virtual directory is installed. A malformed request to inetinfo.exe (the undelimited .HTR request) can cause a remote denial of service. What is affected: IIS 4.0 and, to a lesser extent, IIS 5.0; presence of IISADMPWD is...

CVE-2000-0413

The vulnerability CVE-2000-0413 affects the FrontPage Server Extensions shtml.exe component in IIS 4.0/5.0. A remote attacker can trigger an error by requesting a non-existent HTML/HTM/ASP/SHTML file, causing the server to reveal the local absolute path of the web root in the error message. This ...

CVE-2000-0246

The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...

CVE-2000-0258

CVE-2000-0258 affects IIS 4.0 and 5.0. The provided documents describe a remote denial-of-service vulnerability triggered by sending many URLs containing a large number of escaped characters, referred to as the "Myriad Escaped Characters" vulnerability. The NVD entry provides CVSS scores (2.0: 5....