Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 4.0 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote malicious users to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
Microsoft Frontpage
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
1 Github repository
445
VMScore
CVE-1999-0738
The code.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
445
VMScore
CVE-1999-0739
The codebrws.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
890
VMScore
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote malicious users to execute arbitrary commands.
Microsoft Internet Information Server 4.0
1 Github repository
215
VMScore
CVE-1999-1538
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
Microsoft Internet Information Server 4.0
1 EDB exploit
465
VMScore
CVE-2000-1147
Buffer overflow in IIS ISAPI .ASP parsing mechanism allows malicious users to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag.
Microsoft Internet Information Server 4.0
1 EDB exploit
215
VMScore
CVE-2000-0167
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
Microsoft Internet Information Server 4.0
1 EDB exploit
445
VMScore
CVE-2000-0226
IIS 4.0 allows malicious users to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
Microsoft Internet Information Server 4.0
445
VMScore
CVE-2001-0545
IIS 4.0 with URL redirection enabled allows remote malicious users to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length.
Microsoft Internet Information Server 4.0
445
VMScore
CVE-1999-0348
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
Microsoft Internet Information Server 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »