Lucene search
K
MicrosoftIndex Server

9 matches found

CVE
CVE
•added 2002/03/09 5:0 a.m.•435 views

CVE-2001-0500

CVE-2001-0500 is a buffer-overflow in the IDQ ISAPI handler (idq.dll) used by Microsoft IIS Indexing Service/Index Server 2.0 (and IIS 6.0 beta and earlier). The vulnerability allows remote attackers to execute arbitrary commands by sending a long argument to the .ida and .idq entry points (e.g.,...

10CVSS7.5AI score0.96731EPSS
Web
CVE
CVE
•added 2000/03/22 5:0 a.m.•86 views

CVE-2000-0097

The CVE-2000-0097 vulnerability concerns Microsoft IIS WebHits ISAPI Filter used with Microsoft Index Server. The OpenVAS Active Check entries reference MS00-06 and confirm that the WebHits filter allows remote attackers to read arbitrary files via crafted requests (Mal-formed Hit-Highlighting Ar...

5CVSS6.6AI score0.35884EPSS
CVE
CVE
•added 2000/06/02 4:0 a.m.•79 views

CVE-1999-1011

CVE-1999-1011 affects the RDS DataFactory component of Microsoft MDAC used by IIS 3.x/4.x, enabling remote command execution via unsafe DataFactory methods in msadcs.dll. Public docs reference MS99-025 security bulletin and multiple advisories; exploit code and modules exist (e.g., Metasploit MSS...

10CVSS7.4AI score0.7714EPSS
Web
CVE
CVE
•added 2001/05/07 4:0 a.m.•69 views

CVE-2000-0302

Microsoft Index Server WebHits ISAPI filter vulnerability (MS00-06) allows remote attackers to disclose ASP source by requesting null.htw with a crafted CiWebHitsFile argument (via %20). Connected OpenVAS entries describe the WebHits component’s information disclosure and path/file reading issues...

5CVSS6.7AI score0.7843EPSS
CVE
CVE
•added 2002/02/02 5:0 a.m.•62 views

CVE-2001-0986

SQLQHit.asp is a sample component of Microsoft Index Server 2.0 that, when reachable via CiScope values webinfo/extended_fileinfo/extended_webinfo/fileinfo, can disclose directories and file paths on the server. The vulnerability stems from a design/implementation flaw in the SQLQHit CGI that all...

5CVSS6.1AI score0.4816EPSS
CVE
CVE
•added 2000/03/22 5:0 a.m.•60 views

CVE-2000-0098

CVE-2000-0098 describes a path-disclosure vulnerability in Microsoft Index Server/IIS WebHits: remote attackers can determine the real path of a web directory by requesting non-existent Internet Data Query files. OpenVAS notes the issue in MS00-006 (WebHits ISAPI filter) and IDA/IDQ path disclosu...

5CVSS6.6AI score0.48542EPSS
CVE
CVE
•added 2001/09/18 4:0 a.m.•49 views

CVE-2001-0245

Microsoft Index Server 2.0 (Windows NT 4.0) and Indexing Service (Windows 2000) are affected by a vulnerability described as a Malformed Hit-Highlighting issue that allows remote readers to view server-side include files via a crafted search request. The CERT advisory confirms the ability to read...

5CVSS6.5AI score0.14349EPSS
CVE
CVE
•added 2004/09/01 4:0 a.m.•48 views

CVE-1999-1397

Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, enabling local and remote users to obtain the physical paths of indexed directories. Affected component: ContentIndex\Catalogs under AllowedPaths. Root cause: registr...

7.5CVSS6.3AI score0.11699EPSS
CVE
CVE
•added 2001/09/18 4:0 a.m.•46 views

CVE-2001-0244

The CVE-2001-0244 issue concerns Microsoft Index Server 2.0, where a buffer overflow in the index/search parameter handling allows remote attackers to execute arbitrary commands. The core affected component is Microsoft Index Server 2.0 (server-side indexing/search functionality); the root cause ...

7.5CVSS7.7AI score0.14727EPSS