Internet Information Services@2.0 Security Vulnerabilities and Issues — Internet Information Services@2.0 CVE List

Lucene search

MicrosoftInternet Information Services2.0

7 matches found

CVE•added 2000/08/03 4:0 a.m.•419 views

CVE-2000-0649

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.

2.6CVSS6.9AI score0.62025EPSS

CVE•added 2000/02/04 5:0 a.m.•128 views

CVE-1999-0450

In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).

7.5CVSS6.6AI score0.32431EPSS

CVE•added 2006/12/15 7:28 p.m.•74 views

CVE-2006-6579

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine...

4.4CVSS6.5AI score0.00182EPSS

CVE•added 2000/02/04 5:0 a.m.•65 views

CVE-1999-0253

IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.

7.5CVSS6.9AI score0.02987EPSS

CVE•added 1999/09/29 4:0 a.m.•61 views

CVE-1999-0412

In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

7.5CVSS7.2AI score0.38326EPSS

CVE•added 2001/09/12 4:0 a.m.•58 views

CVE-1999-0154

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.

5CVSS7.2AI score0.48379EPSS

CVE•added 1999/09/29 4:0 a.m.•46 views

CVE-1999-0281

Denial of service in IIS using long URLs.

5CVSS7.4AI score0.12409EPSS