Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 5.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0071
IIS 4.0 allows a remote malicious user to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
NA
CVE-2000-0631
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote malicious users to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
NA
CVE-2000-1090
Microsoft IIS for Far East editions 4.0 and 5.0 allows remote malicious users to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Server 5.0
NA
CVE-1999-0450
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
NA
CVE-2000-0649
IIS 4.0 allows remote malicious users to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
1 Metasploit module
7 Github repositories
NA
CVE-2002-1694
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote malicious users to modify the log file contents while IIS is running.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
7.5
CVSSv3
CVE-2000-0258
IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2000-0304
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote malicious user to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2002-0869
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allows remote malicious users to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out o...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2000-0408
IIS 4.05 and 5.0 allow remote malicious users to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »