15 matches found
Microsoft IIS 4.0 .HTR Path Overflow
No description provided by source. $Id: ms02018htr.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft IIS 4.0/5.0 Malformed File Extension DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1190/info Sending a specially crafted URL containing malformed file extension information to Microsoft IIS 4.0/5.0 will consume CPU usage until it reaches 100% which will halt the program's services. Restarting the...
Microsoft IIS 3.0/4.0 Upgrade BDIR.HTR Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2280/info Microsoft Internet Information Server IIS 3.0 came with a series of remote administration scripts installed in /scripts/iisadmin off the web root directory. ism.dll is required for processing these scripts, and...
MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (9)
No description provided by source. /\ Microsoft IIS 4.0/5.0 Extended UNICODE Directory Traversal Exploit proof of theory exploit cuz it's wednesday and i'm on the couch brought to you by the letter B, the number 7, optyx, and t12 optyx - [email protected] [email protected] t12 -...
Microsoft 4.0 IIS repost.asp允许上传脚本执行文件
No description provided by source...
Microsoft IIS 4.0 showcode.asp例子脚本可查看任意文件内容漏洞
No description provided by source...
Microsoft IIS XSS Vulnerability (MS00-060) - Active Check
Microsoft IIS do not properly protect against cross-site scripting XSS attacks. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-late...
Snitz Forums 2000 Active.ASP SQL注入漏洞
Snitz Forums 2000是一款基于ASP的WEB应用程序。 Snitz Forums 2000不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'Active.ASP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Snitz Forums 2000 Snitz Forums 2000 3.4.6 Snitz Forums 2000 Snitz Forums 2000 3.4 .05 Snitz Forums 2000 Snitz Forums...
MS02-018 Microsoft IIS 4.0 .HTR Path Overflow
This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server wi...
CVE-2002-1181
Summary: CVE-2002-1181 is an IIS XSS vulnerability affecting Microsoft Internet Information Services 4.0–5.1, exposed via the IISHELP ASP file (and possibly other vectors). The admin web interface can allow remote attackers to execute HTML/script as other users. The connected OpenVAS entries conf...
CVE-2001-0709
Vulnerability summary (CVE-2001-0709): Microsoft IIS 4.0 and earlier, when installed on a FAT partition, is susceptible to remote disclosure of ASP source code. An attacker can obtain the source by requesting a URL encoded with Unicode. The description in the provided documents confirms the expos...
Microsoft IIS 4.05.0 - SSI Buffer Overrun Privilege Escalation
Microsoft IIS 4.05.0 - SSI Buffer Overrun Privilege Escalation // source: https://www.securityfocus.com/bid/3190/info A vulnerability exists in Microsoft IIS 4.0 and 5.0 that could allow a user with permission to write content to the IIS server to run any code in Local System context. / jim.c - I...
DVWSSR.dll Buffer Overflow Vulnerability in Microsoft IIS 4.0 Web Servers
No description provided...
Microsoft IIS 4.0 - UNC Mapped Virtual Host
Microsoft IIS 4.0 - UNC Mapped Virtual Host MS Commercial Internet System 2.0/2.5,IIS 4.0,Proxy Server 2.0,Site Server Commerce Edition 3.0 UNC Mapped Virtual Host Vulnerability source: https://www.securityfocus.com/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "...
Microsoft IIS 4.0 - Remote Buffer Overflow (1)
source: https://www.securityfocus.com/bid/307/info Microsoft IIS reported prone to a buffer overflow vulnerability in the way IIS handles requests for several file types that require server side processing. This vulnerability may allow a remote attacker to execute arbitrary code on the target...