VYPR

IIS

by Microsoft

CVEs (64)

  • CVE-2002-1745HigDec 31, 2002
    risk 0.50cvss 7.5epss 0.18

    Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.

  • CVE-2001-0334HigJun 27, 2001
    risk 0.50cvss 7.5epss 0.15

    FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.

  • CVE-2000-0258HigApr 12, 2000
    risk 0.50cvss 7.5epss 0.20

    IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.

  • CVE-2009-1122Jun 10, 2009
    risk 0.11cvss epss 0.98

    The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication…

  • CVE-2001-0500Jul 21, 2001
    risk 0.11cvss epss 0.97

    Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as…

  • CVE-2001-0333Jun 27, 2001
    risk 0.10cvss epss 0.91

    Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.

  • CVE-2000-0778Oct 20, 2000
    risk 0.10cvss epss 0.87

    IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.

  • CVE-2001-0506Sep 20, 2001
    risk 0.09cvss epss 0.69

    Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.

  • CVE-2000-0884Dec 19, 2000
    risk 0.09cvss epss 0.72

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

  • CVE-2000-0246Mar 30, 2000
    risk 0.09cvss epss 0.80

    IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

  • CVE-1999-0874Jun 16, 1999
    risk 0.09cvss epss 0.78

    Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.

  • CVE-2002-1744Dec 31, 2002
    risk 0.08cvss epss 0.64

    Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).

  • CVE-2001-1243Jul 4, 2001
    risk 0.08cvss epss 0.63

    Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the…

  • CVE-2000-0886Dec 19, 2000
    risk 0.08cvss epss 0.69

    IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.

  • CVE-2000-0630Jul 17, 2000
    risk 0.08cvss epss 0.68

    IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.

  • CVE-2000-0408May 11, 2000
    risk 0.08cvss epss 0.58

    IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.

  • CVE-1999-0278Jun 1, 1998
    risk 0.08cvss epss 0.65

    In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.

  • CVE-2000-0951Dec 19, 2000
    risk 0.07cvss epss 0.44

    A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.

  • CVE-2000-0457May 11, 2000
    risk 0.07cvss epss 0.53

    ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.

  • CVE-1999-0736May 7, 1999
    risk 0.07cvss epss 0.45

    The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

Page 1 of 4