Microsoft Internet Information Server

107 matches found

added 2000/07/12 4:00 a.m., 62 views

CVE-2000-0408

IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.

CVSS 5, AI score 6.8, EPSS 0.74022

added 2002/11/12 5:00 a.m., 62 views

CVE-2002-1181

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unk...

CVSS 6.8, AI score 6, EPSS 0.10885

added 1999/09/29 4:00 a.m., 61 views

CVE-1999-0348

IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.

CVSS 5, AI score 6.4, EPSS 0.1324

added 1999/09/29 4:00 a.m., 61 views

CVE-1999-0412

In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

CVSS 7.5, AI score 7.2, EPSS 0.38326

added 2001/09/12 4:00 a.m., 61 views

CVE-1999-1451

The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.

CVSS 5, AI score 7.1, EPSS 0.35589

added 2000/10/20 4:00 a.m., 61 views

CVE-2000-0746

Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scr...

CVSS 7.5, AI score 6, EPSS 0.18278

added 2005/06/28 4:00 a.m., 61 views

CVE-2002-1790

The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.

CVSS 5, AI score 6.7, EPSS 0.19725

added 2000/02/08 5:00 a.m., 60 views

CVE-2000-0126

Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.

CVSS 5, AI score 6.5, EPSS 0.70129

added 2003/04/02 5:00 a.m., 60 views

CVE-2002-0079

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.

CVSS 7.5, AI score 7.2, EPSS 0.84917

added 2003/04/02 5:00 a.m., 59 views

CVE-2002-0071

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.

CVSS 7.5, AI score 7.3, EPSS 0.67642

added 2001/09/12 4:00 a.m., 58 views

CVE-1999-0154

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.

CVSS 5, AI score 7.2, EPSS 0.48379

added 2002/03/09 5:00 a.m., 58 views

CVE-2000-0457

ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.

CVSS 7.5, AI score 6.6, EPSS 0.84385

added 2002/03/09 5:00 a.m., 58 views

CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.

CVSS 7.2, AI score 6.7, EPSS 0.80778

added 2003/04/02 5:00 a.m., 58 views

CVE-2002-0147

Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."

CVSS 7.5, AI score 7, EPSS 0.37487

added 2001/09/12 4:00 a.m., 56 views

CVE-1999-1375

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.

CVSS 5, AI score 7.1, EPSS 0.73172

added 2000/03/22 5:00 a.m., 56 views

CVE-2000-0025

IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.

CVSS 5, AI score 7.2, EPSS 0.46048

added 2003/04/02 5:00 a.m., 56 views

CVE-2002-0073

The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.

CVSS 5, AI score 6.2, EPSS 0.6712

added 2003/04/02 5:00 a.m., 56 views

CVE-2002-0074

Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.

CVSS 7.5, AI score 6.2, EPSS 0.67563

added 2002/03/09 5:00 a.m., 55 views

CVE-2001-0545

IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length.

CVSS 5, AI score 6.6, EPSS 0.16162

added 2002/11/12 5:00 a.m., 55 views

CVE-2002-0869

Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation."

CVSS 7.5, AI score 6.9, EPSS 0.27312

added 2000/06/02 4:00 a.m., 53 views

CVE-2000-0258

IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.

CVSS 7.5, AI score 7, EPSS 0.20309

added 2003/04/02 5:00 a.m., 53 views

CVE-2002-0150

Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.

CVSS 7.5, AI score 7.9, EPSS 0.67619

added 2000/02/04 5:00 a.m., 51 views

CVE-1999-0736

The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

CVSS 5, AI score 6.7, EPSS 0.76516

added 2000/02/04 5:00 a.m., 51 views

CVE-1999-0739

The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

CVSS 5, AI score 6.7, EPSS 0.464

added 2002/05/03 4:00 a.m., 51 views

CVE-2001-1243

Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into AS...

CVSS 5, AI score 6.9, EPSS 0.19535

added 2002/03/09 5:00 a.m., 49 views

CVE-1999-1223

IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters.

CVSS 5, AI score 6.9, EPSS 0.15873

added 2001/09/18 4:00 a.m., 49 views

CVE-2001-0004

IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability.

CVSS 5, AI score 6.9, EPSS 0.76172

added 2003/04/02 5:00 a.m., 49 views

CVE-2002-0072

The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a ...

CVSS 5, AI score 6.3, EPSS 0.30982

added 2000/01/04 5:00 a.m., 48 views

CVE-1999-0725

When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".

CVSS 7.1, AI score 7.3, EPSS 0.38532

added 2002/03/09 5:00 a.m., 48 views

CVE-1999-1148

FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.

CVSS 5, AI score 7, EPSS 0.18087

added 2000/04/25 4:00 a.m., 48 views

CVE-2000-0024

IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.

CVSS 6.4, AI score 7.1, EPSS 0.12045

added 2001/09/20 4:00 a.m., 48 views

CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.

CVSS 5, AI score 7, EPSS 0.26029

added 2005/06/21 4:00 a.m., 48 views

CVE-2002-1694

Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.

CVSS 5, AI score 7, EPSS 0.01603

added 2004/08/06 4:00 a.m., 48 views

CVE-2004-0205

Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.

CVSS 7.2, AI score 7.4, EPSS 0.05723

added 2000/10/13 4:00 a.m., 47 views

CVE-2000-0630

IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.

CVSS 5, AI score 6.8, EPSS 0.75963

added 1999/09/29 4:00 a.m., 46 views

CVE-1999-0281

Denial of service in IIS using long URLs.

CVSS 5, AI score 7.4, EPSS 0.12409

added 2000/01/04 5:00 a.m., 45 views

CVE-1999-0777

IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.

CVSS 7.5, AI score 6.9, EPSS 0.0134

added 2000/06/02 4:00 a.m., 45 views

CVE-2000-0226

IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."

CVSS 5, AI score 6.8, EPSS 0.12721

added 2000/10/20 4:00 a.m., 45 views

CVE-2000-0770

IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.

CVSS 6.4, AI score 6.7, EPSS 0.01619

added 1999/09/29 4:00 a.m., 44 views

CVE-1999-0278

In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.

CVSS 5, AI score 7.1, EPSS 0.76064

added 2000/01/04 5:00 a.m., 44 views

CVE-1999-0861

Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.

CVSS 2.6, AI score 6.7, EPSS 0.05457

added 2004/09/01 4:00 a.m., 44 views

CVE-1999-1537

IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the f...

CVSS 5, AI score 7.1, EPSS 0.01285

added 2001/05/07 4:00 a.m., 44 views

CVE-2001-0096

FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.

CVSS 5, AI score 6.6, EPSS 0.55869

added 1999/09/29 4:00 a.m., 43 views

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.

CVSS 5, AI score 7, EPSS 0.53319

added 2002/03/09 5:00 a.m., 43 views

CVE-1999-1478

The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.

CVSS 5, AI score 6.9, EPSS 0.20487

added 2007/07/05 7:00 p.m., 43 views

CVE-1999-1591

Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual Inte...

CVSS 7.5, AI score 7.4, EPSS 0.13492

added 2000/02/23 5:00 a.m., 43 views

CVE-2000-0167

IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.

CVSS 2.1, AI score 6.6, EPSS 0.00194

added 2002/03/09 5:00 a.m., 42 views

CVE-1999-1233

IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.

CVSS 7.5, AI score 6.9, EPSS 0.10312

added 2000/07/12 4:00 a.m., 42 views

CVE-2000-0304

Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.

CVSS 5, AI score 6.6, EPSS 0.51691

added 2005/06/21 4:00 a.m., 42 views

CVE-2002-1695

Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running.

CVSS 5, AI score 7, EPSS 0.01957

Total number of security vulnerabilities: 107