Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services 5.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-2678
Microsoft IIS 5.1 and 6 allows remote malicious users to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
505
VMScore
CVE-2003-0718
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote malicious users to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 5.0
1 EDB exploit
505
VMScore
CVE-2000-0630
IIS 4.0 and 5.0 allows remote malicious users to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
668
VMScore
CVE-2000-0970
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote malicious users to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerab...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
570
VMScore
CVE-2000-0770
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote malicious users to bypass access restrictions to some files, aka the "File Permission Canonicalization" vuln...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
668
VMScore
CVE-2002-0869
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allows remote malicious users to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out o...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
445
VMScore
CVE-2001-0096
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
505
VMScore
CVE-2002-0419
Information leaks in IIS 4 up to and including 5.1 allow remote malicious users to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the re...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
445
VMScore
CVE-2000-0071
IIS 4.0 allows a remote malicious user to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
445
VMScore
CVE-2000-0631
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote malicious users to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »