Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services 5.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote malicious users to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
Microsoft Frontpage
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2000-0746
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
Microsoft Frontpage
7.5
CVSSv2
CVE-2002-1180
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
Microsoft Internet Information Services 5.0
5
CVSSv2
CVE-2002-1182
IIS 5.0 and 5.1 allows remote malicious users to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.
Microsoft Internet Information Services 5.0
5
CVSSv2
CVE-2000-0951
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote malicious users to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Microsoft Internet Information Services 5.0
1 EDB exploit
5
CVSSv2
CVE-2000-0778
IIS 5.0 allows remote malicious users to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
Microsoft Internet Information Services 5.0
2 EDB exploits
10
CVSSv2
CVE-2007-2815
The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Windows NT ACL configuration, which allows remote malicious users to bypass NTLM and basic authentication mechanisms and access private web dire...
Microsoft Internet Information Services 5.0
1 EDB exploit
5
CVSSv2
CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote malicious users to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot d...
Microsoft Internet Information Services 5.0
1 EDB exploit
5
CVSSv2
CVE-2002-1745
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote malicious users to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
Microsoft Internet Information Services 5.0
2.6
CVSSv2
CVE-2002-0422
IIS 5 and 5.1 supporting WebDAV methods allows remote malicious users to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status resp...
Microsoft Internet Information Services 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »