Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 4.0 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote malicious users to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
Microsoft Frontpage
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
1 Github repository
215
VMScore
CVE-1999-1538
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
Microsoft Internet Information Server 4.0
1 EDB exploit
445
VMScore
CVE-1999-0348
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
Microsoft Internet Information Server 4.0
445
VMScore
CVE-1999-0737
The viewcode.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
445
VMScore
CVE-1999-0738
The code.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
505
VMScore
CVE-1999-0736
The showcode.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
1 EDB exploit
445
VMScore
CVE-1999-0739
The codebrws.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
890
VMScore
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote malicious users to execute arbitrary commands.
Microsoft Internet Information Server 4.0
1 Github repository
890
VMScore
CVE-1999-0407
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
Microsoft Internet Information Server 4.0
505
VMScore
CVE-1999-0448
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote malicious user to hide the URL they really request.
Microsoft Internet Information Server 4.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »