Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-1999-0281
Denial of service in IIS using long URLs.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Services 2.0
1 EDB exploit
445
VMScore
CVE-2005-2678
Microsoft IIS 5.1 and 6 allows remote malicious users to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
725
VMScore
CVE-2001-0506
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
570
VMScore
CVE-2000-0770
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote malicious users to bypass access restrictions to some files, aka the "File Permission Canonicalization" vuln...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
796
VMScore
CVE-2000-0884
IIS 4.0 and 5.0 allows remote malicious users to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
9 EDB exploits
2 Github repositories
755
VMScore
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
435
VMScore
CVE-2010-1899
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote malicious users to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
505
VMScore
CVE-2002-0419
Information leaks in IIS 4 up to and including 5.1 allow remote malicious users to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the re...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
668
VMScore
CVE-2000-0970
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote malicious users to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerab...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
641
VMScore
CVE-2008-0074
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 up to and including 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »