Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 4.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-0349
A buffer overflow in the FTP list (ls) command in IIS allows remote malicious users to conduct a denial of service and, in some cases, execute arbitrary commands.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
5
CVSSv2
CVE-1999-1478
The Sun HotSpot Performance Engine VM allows a remote malicious user to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
5
CVSSv2
CVE-1999-1035
IIS 3.0 and 4.0 on x86 and Alpha allows remote malicious users to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
5
CVSSv2
CVE-1999-1375
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote malicious users to read arbitrary files by specifying the name in the file parameter.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
5
CVSSv2
CVE-1999-1537
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote malicious users to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform...
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
5
CVSSv2
CVE-1999-1544
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote malicious users to cause a denial of service via a long NLST (ls) command.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
7.5
CVSSv2
CVE-1999-0450
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
2.6
CVSSv2
CVE-2000-0649
IIS 4.0 allows remote malicious users to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
1 EDB exploit
1 Metasploit module
8 Github repositories
5
CVSSv2
CVE-2000-0258
IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
7.5
CVSSv2
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »