107 matches found
CVE-2010-1899
CVE-2010-1899 corresponds to a stack consumption vulnerability in the ASP implementation of Microsoft IIS (versions affected: 5.1, 6.0, 7.0, 7.5) that can be triggered by crafted requests to asp.dll, causing a denial of service (daemon outage). Public references indicate the issue is addressed by...
CVE-2009-3023
CVE-2009-3023 is the IIS FTP Service NLST command remote buffer overflow in Microsoft IIS FTP service (ftpsvc) affecting IIS 5.0–6.0. A crafted NLST with wildcards can overflow a stack buffer, enabling remote code execution (attack context can yield SYSTEM‑level code execution under affected setu...
CVE-2010-1256
CVE-2010-1256 is an IIS memory-corruption vulnerability (IIS 6.0/7.0/7.5) tied to Extended Protection for Authentication. A remote attacker could execute arbitrary code by abusing how authentication information is parsed, when Extended Protection is enabled (KB973917). Microsoft MS10-040 fixes th...
CVE-2008-0075
CVE-2008-0075 is an IIS remote code execution vulnerability in Microsoft Internet Information Services 5.1–6.0, caused by a buffer overflow when handling HTML-encoded ASP pages. An attacker could pass crafted input to ASP pages to execute arbitrary code on the target, with the Worker Process Iden...
CVE-2000-0649
CVE-2000-0649 describes an HTTP internal IP disclosure in IIS 4.0: an attacker can obtain the server’s private IP by requesting a page protected with Basic Authentication (no realm) via HTTP/1.0. Connected documents (Metasploit IIS_INTERNAL_IP module, Nessus/Nessus-like plugin, OpenVAS NASL) corr...
CVE-2001-0500
CVE-2001-0500 is a buffer-overflow in the IDQ ISAPI handler (idq.dll) used by Microsoft IIS Indexing Service/Index Server 2.0 (and IIS 6.0 beta and earlier). The vulnerability allows remote attackers to execute arbitrary commands by sending a long argument to the .ida and .idq entry points (e.g.,...
CVE-2007-2897
CVE-2007-2897: Microsoft IIS 6.0 (server side) is vulnerable to a denial of service and potential information leakage via requests for a URI containing a DOS device name (example: /AUX/.aspx), effectively bypassing a blacklist for DOS device requests. The issue is triggered when a crafted request...
CVE-2000-0114
CVE-2000-0114 affects FrontPage Server Extensions. It enables unauthenticated remote disclosure of the anonymous account name via an RPC POST to shtml.dll in the /_vti_bin/ virtual directory. The issue stems from information disclosure in FrontPage Server Extensions; no exploitation details are p...
CVE-2001-0333
CVE-2001-0333 is a directory-traversal vulnerability in Microsoft IIS 5.0 and earlier. An attacker can craft requests that double-encode dot-dot and backslash characters to bypass checks and remotely execute commands on the server. This is associated with MS01-026/MS01-044 (IIS CGI double-decode)...
CVE-2008-0074
CVE-2008-0074 describes a local elevation of privilege in Microsoft Internet Information Services (IIS) 5.0–7.0 due to how file change notifications are handled in FTPRoot, NNTPFile\Root, and WWWRoot folders. Exploitation could allow a local attacker to execute arbitrary code with SYSTEM privileg...
CVE-2007-0087
CVE-2007-0087 involves Microsoft Internet Information Services (IIS). The vulnerability occurs when IIS processes a TCP connection with a large window size and a Range header that specifies multiple copies of the same fragment, enabling remote attackers to cause a denial of service through networ...
CVE-2000-0884
The CVE-2000-0884 entry describes a directory traversal/command execution vulnerability in Microsoft IIS 4.0 and 5.0. Public sources (SAINT, OpenVAS) confirm that by encoding invalid characters in Unicode (e.g., %c0%af) an attacker can bypass path validation and access the server’s filesystem fro...
CVE-1999-0737
CVE-1999-0737 : The IIS/Site Server sample file viewcode.asp allows remote attackers to read arbitrary files, causing information disclosure. Affected component: the viewcode.asp file on Microsoft Internet Information Services (IIS) / Site Server. Root cause: the file exposes the server’s filesys...
CVE-1999-0450
CVE-1999-0450 describes an information disclosure vulnerability in Microsoft IIS where an attacker can determine the real/physical path of a virtual directory by requesting a non-existent URL that would be interpreted by perl.exe. The underlying issue is a path disclosure in IIS tied to Perl hand...
CVE-2000-0413
The vulnerability CVE-2000-0413 affects the FrontPage Server Extensions shtml.exe component in IIS 4.0/5.0. A remote attacker can trigger an error by requesting a non-existent HTML/HTM/ASP/SHTML file, causing the server to reveal the local absolute path of the web root in the error message. This ...
CVE-2005-2678
CVE-2005-2678 affects Microsoft IIS 5.1 and IIS 6. The issue allows remote attackers to spoof the SERVER_NAME variable by issuing a GET request containing an http://localhost URI, bypassing security checks and enabling various attacks. Some connected sources also describe an ASP source code discl...
CVE-2002-0419
The CVE-2002-0419 entry describes information leaks in Microsoft IIS versions 4 through 5.1 where remote attackers can learn sensitive details via server responses. Specifically, when Basic authentication is used, the server may reveal its IP address as the realm, potentially exposing NAT-obscure...
CVE-2003-1582
CVE-2003-1582 affects Microsoft IIS 6.0. When DNS resolution is enabled for client IPs, remote attackers can inject arbitrary text into log files via an HTTP request paired with a crafted DNS response, demonstrated by injecting XSS sequences. This is related to an Inverse Lookup Log Corruption (I...
CVE-1999-1376
CVE-1999-1376 targets IIS 4.0 with FrontPage Server Extensions, via the fpcount.exe CGI. The vulnerability is a remote buffer overflow in the fpcount.exe CGI that could allow a remote attacker to execute arbitrary commands on the server, potentially crashing it or taking control. Incident details...
CVE-2001-0337
The vulnerability CVE-2001-0337 affects Microsoft Internet Information Services 5.0 and earlier, specifically the WebDav component (httpext.dll). A memory-leak flaw allows a malicious user to exhaust server memory by issuing many LOCK requests against a non-existent filename, potentially leading ...
CVE-2006-0026
CVE-2006-0026 describes a buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 that is triggered by parsing crafted Active Server Pages (ASP). The underlying flaw in the ASP processing code can allow an attacker who can publish ASP pages to execute arbitrary code on ...
CVE-2002-0075
CVE-2002-0075 is a cross-site scripting vulnerability in Microsoft IIS 4.0/5.0/5.1 where an attacker could cause arbitrary script to run in a user’s browser via unsanitized content in redirect error messages. The connected OpenVAS/ISS/CERT sources confirm multiple CSS issues tied to IIS, includin...
CVE-1999-0229
CVE-1999-0229 describes a Denial of Service targeting Windows NT Internet Information Services (IIS) servers, through crafted requests that traverse directories (e.g., ../../). Several connected sources tie the issue to Microsoft IIS <= 2.0 and label it a GET request DoS vulnerability, implyin...
CVE-1999-0867
CVE-1999-0867 describes a denial of service affecting IIS 4.0 caused by a flood of HTTP requests with malformed headers. The available connected documents corroborate a remote DoS scenario, originating from malformed header handling in IIS 4.0. The core vulnerability is the server’s inability to ...
CVE-2003-0718
CVE-2003-0718 concerns a denial-of-service in the WebDAV XML Message Handler of Microsoft IIS. A crafted PROPFIND request containing a WebDAV XML document with a very large number of attributes can cause IIS to exhaust memory and CPU, potentially rendering the server unresponsive. The vulnerabili...
CVE-1999-0012
CVE-1999-0012 affects some Microsoft Windows-based web servers where remote attackers can bypass file access restrictions for files with long file names. The connected documents confirm the vulnerability description but do not provide concrete product versions, fixed versions, or remediation step...
CVE-1999-0007
Technical details for CVE-1999-0007 are not publicly available in the provided documents. Monitor for updates from authoritative sources.
CVE-2000-0246
The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...
CVE-2000-0115
CVE-2000-0115 concerns Microsoft IIS. The vulnerability arises from a denial-of-service condition caused by invalid regular expressions in a Visual Basic script embedded in an ASP page. The root cause is malformed regex handling in VBScript within the ASP context, which can exhaust resources and ...
CVE-2001-0335
The CVE-2001-0335 issue affects Microsoft IIS FTP Service on IIS 5.0 and earlier. The vulnerability arises when a remote user supplies a username preceded by a special sequence of characters, causing the FTP service to enumerate Guest accounts in trusted domains. This could enable account discove...
CVE-2001-0336
The CVE-2001-0336 entry concerns Microsoft IIS 5.0 and earlier. According to provided records, the MS00-060 patch for IIS 5.0/earlier introduces an error that allows an attacker to cause a denial of service via a malformed request. The connected sources confirm the affected product version and th...
CVE-1999-0874
CVE-1999-0874 maps to a buffer overflow in IIS 4.0’s ISAPI processing of HTR/IDC/STM files (ISM.DLL). Public sources show a remote overflow that can cause denial of service and, in several references, the potential for remote code execution on affected Windows NT systems (MS02-018/Microsoft MS99-...
CVE-2000-0071
Microsoft IIS 4.0 is affected by CVE-2000-0071 via an information-disclosure path in the IDA/IDQ handling. A remote attacker can request non-existent files with .ida or .idq extensions to obtain the real document-root pathname, potentially aiding further targeted attacks. The issue is evidenced i...
CVE-2002-0364
CVE-2002-0364 describes a heap-based buffer overflow in IIS 4.0/5.0 when processing chunked-encoded HTR requests via the HTR ISAPI extension, allowing an attacker to execute arbitrary code with the privileges of the ISAPI process. The vulnerability stems from chunked encoding handling; impact inc...
CVE-1999-0191
CVE-1999-0191 affects Microsoft IIS via the CGI newdsn.exe script. The vulnerability exists in the /scripts/tools/newdsn.exe CGI, which allows remote attackers to create or overwrite files on the server if NTFS permissions permit, enabling arbitrary file creation and potential DSN overwrites. The...
CVE-2006-6579
CVE-2006-6579 affects Microsoft Windows XP, where the directory %WINDIR%\pchealth\ERRORREP\QHEADLES has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA granted to Everyone). This misconfiguration allows local users to write and read files in that folder. The description notes an ASP shell wi...
CVE-1999-0407
CVE-1999-0407 affects Microsoft IIS 4.0. A default virtual directory /IISADMPWD contains files that can be used as proxies for brute-forcing credentials or identifying valid users. In Nessus data, these files (aexp2.htr, aexp2b.htr, aexp3.htr, aexp4.htr) can enable brute-force login attempts; one...
CVE-1999-0449
The CVE-1999-0449 entry applies to Microsoft IIS 4, specifically the ExAir sample site. A remote attacker can cause a denial of service (CPU consumption) by directly requesting one of three ASP scripts: advsearch.asp, query.asp, or search.asp. The connected Red Hat and CPAI advisories corroborate...
CVE-2000-1090
Microsoft IIS for Far East editions 4.0 and 5.0 are affected by CVE-2000-1090, where a malformed URL employing the lead-byte of a double-byte character allows remote attackers to read source code of parsed pages. The root cause is improper handling of lead-byte in double-byte character sequences ...
CVE-1999-1538
The CVE-1999-1538 issue affects Microsoft IIS where, after upgrading IIS 2 or 3 to IIS 4, the ism.dll file is left in /scripts/iisadmin. This unmanaged file does not restrict access, enabling an unauthorized user to access sensitive server information, including the Administrator’s password, via ...
CVE-1999-0253
Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...
CVE-2000-1104
CVE-2000-1104 is a variant of the IIS Cross-Site Scripting vulnerability described in MS00-060 (CVE-2000-0746). The vulnerability affects Microsoft IIS 4.0 and 5.0, where a malicious site can embed scripts in a link to a trusted site, which are returned unquoted in an error message and executed i...
CVE-2000-0886
CVE-2000-0886 : Microsoft IIS 5.0 is vulnerable to remote code execution via a malformed request for an executable file whose name is appended with operating system commands (the “Web Server File Request Parsing” vulnerability). The issue affects IIS 4.0/5.0 per NSFOCUS advisories; exploitation c...
CVE-2002-0148
CVE-2002-0148 is a cross-site scripting vulnerability in Microsoft Internet Information Services (IIS) 4.0, 5.0 and 5.1 that allows remote attackers to execute arbitrary script as the affected user via an HTTP error page. Connected sources confirm this CSS/XSS issue is part of a broader set of II...
CVE-2002-0149
CVE-2002-0149 concerns a buffer overflow in the IIS ASP Server-Side Include (SSI) processing when handling long file names. The issue affects Microsoft IIS 4.0, 5.0 and 5.1, and can allow a remote attacker to crash the server or potentially execute arbitrary code via crafted SSI inputs. Multiple ...
CVE-1999-1011
CVE-1999-1011 affects the RDS DataFactory component of Microsoft MDAC used by IIS 3.x/4.x, enabling remote command execution via unsafe DataFactory methods in msadcs.dll. Public docs reference MS99-025 security bulletin and multiple advisories; exploit code and modules exist (e.g., Metasploit MSS...
CVE-2000-0970
CVE-2000-0970 affects IIS 4.0 and 5.0 where ASP pages send the same Session ID cookie for secure and insecure sessions, enabling potential remote hijacking of a user’s secure session if they transition to insecure web traffic. The root cause is cookie marking across session contexts, leading to p...
CVE-2001-0506
CVE-2001-0506 is a buffer overflow in IIS 4.0/5.0 ssinc.dll when processing Server-Side Includes directives, allowing an attacker who can write to the web directory to trigger overflow and execute arbitrary code with the web server’s privileges (LOCAL SYSTEM). Affected products: Microsoft IIS 4.0...
CVE-2000-0746
The CVE-2000-0746 entry concerns a Microsoft IIS XSS vulnerability affecting IIS 4.0 and 5.0. The issue arises from improper handling of unquoted script content in links returned within error messages, allowing a malicious site to craft a link that executes scripts in the context of a trusted sit...
CVE-1999-0349
CVE-1999-0349 is a vulnerability in Microsoft IIS FTP Server where a buffer overflow in the FTP LIST (ls) / NLST handling allows remote attackers to cause a denial of service, and in some cases may execute arbitrary commands. The issue is tied to the IIS FTP service’s command processing and memor...