Internet Information Services@5.0 Security Vulnerabilities and Issues — Internet Information Services@5.0 CVE List

Lucene search

MicrosoftInternet Information Services5.0

70 matches found

CVE•added 2000/08/03 4:0 a.m.•419 views

CVE-2000-0649

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.

2.6CVSS6.9AI score0.62025EPSS

CVE•added 2009/01/15 12:30 a.m.•336 views

CVE-2003-1567

The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism, by usi...

5.8CVSS6.1AI score0.79926EPSS

CVE•added 2009/12/29 9:0 p.m.•310 views

CVE-2009-4444

Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, ...

6CVSS6.6AI score0.58584EPSS

CVE•added 2008/02/12 9:0 p.m.•196 views

CVE-2008-0074

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.

7.2CVSS6.2AI score0.02029EPSS

CVE•added 2009/06/10 6:30 p.m.•177 views

CVE-2009-1122

The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability...

7.5CVSS6.4AI score0.92339EPSS

CVE•added 2001/01/22 5:0 a.m.•160 views

CVE-2000-0884

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

7.5CVSS7AI score0.86685EPSS

CVE•added 2002/08/12 4:0 a.m.•150 views

CVE-2002-0422

IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRIT...

2.6CVSS9.4AI score0.49978EPSS

CVE•added 2005/07/05 4:0 a.m.•150 views

CVE-2005-2089

Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes IIS to incorrectly handle and forward the body...

4.3CVSS6.3AI score0.54337EPSS

CVE•added 2005/08/23 4:0 a.m.•129 views

CVE-2005-2678

Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.

5CVSS6.6AI score0.55449EPSS

CVE•added 2000/02/04 5:0 a.m.•128 views

CVE-1999-0450

In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).

7.5CVSS6.6AI score0.32431EPSS

CVE•added 2002/08/12 4:0 a.m.•127 views

CVE-2002-0419

Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the realm for Basic authentication, which c...

5CVSS6.5AI score0.31296EPSS

CVE•added 2000/06/15 4:0 a.m.•125 views

CVE-2000-0413

The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.

5CVSS6.4AI score0.59392EPSS

CVE•added 2007/05/22 7:30 p.m.•112 views

CVE-2007-2815

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile param...

10CVSS6.6AI score0.85071EPSS

CVE•added 2003/04/02 5:0 a.m.•104 views

CVE-2002-0075

Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.

7.5CVSS6.9AI score0.67563EPSS

CVE•added 2006/07/11 10:5 p.m.•103 views

CVE-2006-0026

Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).

6.5CVSS7.6AI score0.90121EPSS

CVE•added 2014/04/23 8:55 p.m.•101 views

CVE-2011-5279

CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.

5CVSS7.1AI score0.08547EPSS

CVE•added 2004/11/03 5:0 a.m.•88 views

CVE-2003-0718

The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes.

5CVSS6.7AI score0.81995EPSS

CVE•added 2000/06/02 4:0 a.m.•74 views

CVE-2000-0246

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

5CVSS6.8AI score0.83616EPSS

CVE•added 2000/02/04 5:0 a.m.•72 views

CVE-2000-0071

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.

5CVSS6.4AI score0.7142EPSS

CVE•added 2003/04/02 5:0 a.m.•70 views

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

7.5CVSS7.6AI score0.65661EPSS

CVE•added 2001/06/02 4:0 a.m.•68 views

CVE-2001-0151

IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.

5CVSS6.5AI score0.84832EPSS

CVE•added 2001/01/22 5:0 a.m.•67 views

CVE-2000-0970

IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability.

7.5CVSS7.1AI score0.3846EPSS

CVE•added 2003/04/02 5:0 a.m.•67 views

CVE-2002-0148

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.

7.5CVSS6.8AI score0.72471EPSS

CVE•added 2003/04/02 5:0 a.m.•66 views

CVE-2002-0149

Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.

7.5CVSS7.8AI score0.49796EPSS

CVE•added 2004/09/01 4:0 a.m.•66 views

CVE-2002-1180

A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."

7.5CVSS6.5AI score0.01617EPSS

CVE•added 2001/01/22 5:0 a.m.•65 views

CVE-2000-0886

IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.

7.5CVSS7.6AI score0.89218EPSS

CVE•added 2003/06/09 4:0 a.m.•65 views

CVE-2003-0224

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."

10CVSS7.4AI score0.13411EPSS

CVE•added 2001/01/09 5:0 a.m.•64 views

CVE-2000-1104

Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those...

7.5CVSS6.3AI score0.18278EPSS

CVE•added 2003/06/09 4:0 a.m.•63 views

CVE-2003-0226

Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled.

5CVSS6.6AI score0.53051EPSS

CVE•added 2000/07/12 4:0 a.m.•62 views

CVE-2000-0408

IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.

5CVSS6.8AI score0.74022EPSS

CVE•added 2002/11/12 5:0 a.m.•62 views

CVE-2002-1181

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unk...

6.8CVSS6AI score0.10885EPSS

CVE•added 2000/10/20 4:0 a.m.•61 views

CVE-2000-0746

Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scr...

7.5CVSS6AI score0.18278EPSS

CVE•added 2001/06/02 4:0 a.m.•61 views

CVE-2001-0146

IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's.

5CVSS6.7AI score0.12277EPSS

CVE•added 2005/06/28 4:0 a.m.•61 views

CVE-2002-1790

The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.

5CVSS6.7AI score0.19725EPSS

CVE•added 2003/04/02 5:0 a.m.•60 views

CVE-2002-0079

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.

7.5CVSS7.2AI score0.84917EPSS

CVE•added 2004/09/01 4:0 a.m.•59 views

CVE-2001-0902

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.

7.5CVSS7AI score0.35585EPSS

CVE•added 2003/04/02 5:0 a.m.•59 views

CVE-2002-0071

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.

7.5CVSS7.3AI score0.67642EPSS

CVE•added 2002/03/09 5:0 a.m.•58 views

CVE-2000-0457

ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.

7.5CVSS6.6AI score0.84385EPSS

CVE•added 2002/03/09 5:0 a.m.•58 views

CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.

7.2CVSS6.7AI score0.80778EPSS

CVE•added 2003/04/02 5:0 a.m.•58 views

CVE-2002-0147

Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."

7.5CVSS7AI score0.37487EPSS

CVE•added 2002/05/16 4:0 a.m.•57 views

CVE-2002-0224

The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.

5CVSS7.1AI score0.58255EPSS

CVE•added 2005/06/21 4:0 a.m.•57 views

CVE-2002-1700

Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.

4.3CVSS6.4AI score0.16341EPSS

CVE•added 2003/04/02 5:0 a.m.•56 views

CVE-2002-0073

The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.

5CVSS6.2AI score0.6712EPSS

CVE•added 2003/04/02 5:0 a.m.•56 views

CVE-2002-0074

Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.

7.5CVSS6.2AI score0.67563EPSS

CVE•added 2002/11/12 5:0 a.m.•55 views

CVE-2002-0869

Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation."

7.5CVSS6.9AI score0.27312EPSS

CVE•added 2002/06/25 4:0 a.m.•54 views

CVE-2001-0508

Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request.

5CVSS6.4AI score0.46928EPSS

CVE•added 2000/06/02 4:0 a.m.•53 views

CVE-2000-0258

IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.

7.5CVSS7AI score0.20309EPSS

CVE•added 2003/04/02 5:0 a.m.•53 views

CVE-2002-0150

Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.

7.5CVSS7.9AI score0.67619EPSS

CVE•added 2004/09/01 4:0 a.m.•53 views

CVE-2002-1182

IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.

5CVSS6.6AI score0.31765EPSS

CVE•added 2009/01/15 12:30 a.m.•53 views

CVE-2003-1566

Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.

5CVSS6.3AI score0.09301EPSS

Total number of security vulnerabilities70