IIS
by Microsoft
CVEs (64)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1745 | Hig | 0.50 | 7.5 | 0.18 | Dec 31, 2002 | Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files. | ||
| CVE-2001-0334 | Hig | 0.50 | 7.5 | 0.15 | Jun 27, 2001 | FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | ||
| CVE-2000-0258 | Hig | 0.50 | 7.5 | 0.20 | Apr 12, 2000 | IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | ||
| CVE-2009-1122 | 0.11 | — | 0.98 | Jun 10, 2009 | The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication… | |||
| CVE-2001-0500 | 0.11 | — | 0.97 | Jul 21, 2001 | Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as… | |||
| CVE-2001-0333 | 0.10 | — | 0.91 | Jun 27, 2001 | Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. | |||
| CVE-2000-0778 | 0.10 | — | 0.87 | Oct 20, 2000 | IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | |||
| CVE-2001-0506 | 0.09 | — | 0.69 | Sep 20, 2001 | Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. | |||
| CVE-2000-0884 | 0.09 | — | 0.72 | Dec 19, 2000 | IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability. | |||
| CVE-2000-0246 | 0.09 | — | 0.80 | Mar 30, 2000 | IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. | |||
| CVE-1999-0874 | 0.09 | — | 0.78 | Jun 16, 1999 | Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | |||
| CVE-2002-1744 | 0.08 | — | 0.64 | Dec 31, 2002 | Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot). | |||
| CVE-2001-1243 | 0.08 | — | 0.63 | Jul 4, 2001 | Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the… | |||
| CVE-2000-0886 | 0.08 | — | 0.69 | Dec 19, 2000 | IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability. | |||
| CVE-2000-0630 | 0.08 | — | 0.68 | Jul 17, 2000 | IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. | |||
| CVE-2000-0408 | 0.08 | — | 0.58 | May 11, 2000 | IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability. | |||
| CVE-1999-0278 | 0.08 | — | 0.65 | Jun 1, 1998 | In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | |||
| CVE-2000-0951 | 0.07 | — | 0.44 | Dec 19, 2000 | A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search. | |||
| CVE-2000-0457 | 0.07 | — | 0.53 | May 11, 2000 | ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability. | |||
| CVE-1999-0736 | 0.07 | — | 0.45 | May 7, 1999 | The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
- risk 0.50cvss 7.5epss 0.18
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
- risk 0.50cvss 7.5epss 0.15
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
- risk 0.50cvss 7.5epss 0.20
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
- CVE-2009-1122Jun 10, 2009risk 0.11cvss —epss 0.98
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication…
- CVE-2001-0500Jul 21, 2001risk 0.11cvss —epss 0.97
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as…
- CVE-2001-0333Jun 27, 2001risk 0.10cvss —epss 0.91
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
- CVE-2000-0778Oct 20, 2000risk 0.10cvss —epss 0.87
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
- CVE-2001-0506Sep 20, 2001risk 0.09cvss —epss 0.69
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
- CVE-2000-0884Dec 19, 2000risk 0.09cvss —epss 0.72
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
- CVE-2000-0246Mar 30, 2000risk 0.09cvss —epss 0.80
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
- CVE-1999-0874Jun 16, 1999risk 0.09cvss —epss 0.78
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
- CVE-2002-1744Dec 31, 2002risk 0.08cvss —epss 0.64
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).
- CVE-2001-1243Jul 4, 2001risk 0.08cvss —epss 0.63
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the…
- CVE-2000-0886Dec 19, 2000risk 0.08cvss —epss 0.69
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
- CVE-2000-0630Jul 17, 2000risk 0.08cvss —epss 0.68
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
- CVE-2000-0408May 11, 2000risk 0.08cvss —epss 0.58
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
- CVE-1999-0278Jun 1, 1998risk 0.08cvss —epss 0.65
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
- CVE-2000-0951Dec 19, 2000risk 0.07cvss —epss 0.44
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
- CVE-2000-0457May 11, 2000risk 0.07cvss —epss 0.53
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
- CVE-1999-0736May 7, 1999risk 0.07cvss —epss 0.45
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
Page 1 of 4