Microsoft IIS 5.0 False Content-Length Field DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3667/info Microsoft IIS 5.0 may be prone to a denial of service condition when sent a specially crafted malformed HTTP GET header. If an IIS 5.0 web server is sent a crafted HTTP GET request which contains a falsified and...

Microsoft IIS 5.0 Printer Host Header Overflow

No description provided by source. $Id: ms01023printer.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

httprint 202.0 HTTP Response Server Field Arbitrary Script Injection

No description provided by source. source: http://www.securityfocus.com/bid/16031/info httprint is prone to multiple remote vulnerabilities. The first issue may allow remote attackers to execute arbitrary HTML and script code in a user's browser. The second issue may allow remote attackers to cra...

Microsoft IIS 5.0 IDQ Path Overflow

No description provided by source. $Id: ms01033idq.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft IIS 5.0 Failure To Log Undocumented TRACK Requests Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9313/info A vulnerability has been reported to affect Microsoft IIS. It has been reported that IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this condition in order to...

Microsoft IIS 5.0 CodeBrws.ASP Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4525/info Microsoft IIS 5.0 ships with a sample script that may be used to view the source code of other scripts in the sample scripts /IISSAMPLES directory. However, this script CodeBrws.asp does not adequately filter...

Microsoft IIS 5.0 - Authentication Bypass (MS10-065)

Microsoft IIS 5.0 - Authentication Bypass MS10-065 MS10-065 - Directory Authentication Bypass Vulnerability Description: This vulnerability is because of using Alternate Data Stream to open a protected folder. All of IIS authentication methods can be circumvented. In this technique, we can add a...

Microsoft IIS 5.0 - IDQ Path Overflow (MS01-033) (Metasploit)

$Id: ms01033idq.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow (CVE-2001-0241)

A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...

Microsoft IIS 5.0 ISAPI虚拟目录UNC映射导致ASP源文件泄露

No description provided by source...

Microsoft IIS 5.0 IDC扩展XSS

No description provided by source...

Microsoft IIS 5.0 Form_JScript.asp 跨站脚本漏洞

No description provided by source...

Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft II...

Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow

!/usr/bin/perl IIS 5.0 FTP Server / Remote SYSTEM exploit Win2k SP4 targets bug found & exploited by Kingcope, kcope2googlemail.com Affects IIS6 with stack cookie protection Modded by muts, additional egghunter added for secondary larger payload Might take a minute or two for the egg to be found...

Microsoft IIS 5.0 WebDAV绕过认证漏洞(MS09-020)

BUGTRAQ ID: 35232 CVECAN ID: CVE-2009-1122 Microsoft Internet信息服务（IIS）是Microsoft Windows自带的一个网络信息服务器，其中包含HTTP服务功能。 IIS的WebDAV扩展没有正确解码特制请求的URL，导致WebDAV在处理该请求时应用不正确的配置。如果应用的配置允许匿名访问，则特制的请求可以绕过身份验证。 请注意IIS在配置的匿名用户帐户的安全上下文中仍会处理该请求，因此此漏洞不能用于绕过NTFS ACL，文件系统ACL对匿名用户帐户强加的限制将仍然执行。 Microsoft IIS 5.0 临时解决方法...

CVE-2009-1122

The WebDAV extension in Microsoft Internet Information Services IIS 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability...

Microsoft IIS XSS Vulnerability (MS00-060) - Active Check

Microsoft IIS do not properly protect against cross-site scripting XSS attacks. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-late...

CVE-2003-1567

The undocumented TRACK method in Microsoft Internet Information Services IIS 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism, by usi...

Microsoft IIS 5.0 WebDAV拒绝服务漏洞(MS01-044)

CVE CAN ID : CAN-2001-0508 Microsoft IIS 5.0 WebDAV处理中存在一个拒绝服务漏洞，远程攻击者可以临时中断IIS 5.0服务。 WebDAV没有正确的处理特定类型的请求，特别是请求相当长而且其中包含某种 类型的无效数据时。这会导致内存访问错误，从而使得IIS 5.0进程中断。由于缺省情况 下，IIS 5.0会自动重启。因此这只会临时中断IIS服务。 Microsoft IIS 5.0 - Microsoft Windows 2000 厂商补丁： 微软已经为此发布了一个安全公告（MS01-044）以及相应补丁程序：...

Snitz Forums 2000 Active.ASP SQL注入漏洞

Snitz Forums 2000是一款基于ASP的WEB应用程序。 Snitz Forums 2000不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于'Active.ASP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 Snitz Forums 2000 Snitz Forums 2000 3.4.6 Snitz Forums 2000 Snitz Forums 2000 3.4 .05 Snitz Forums 2000 Snitz Forums...