Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information server 4.0 vulnerabilities and exploits
(subscribe to this query)
725
VMScore
CVE-2001-0506
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
445
VMScore
CVE-2001-0709
Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote malicious user to obtain source code of ASP files via a URL encoded with Unicode.
Microsoft Internet Information Server
445
VMScore
CVE-2001-0508
Vulnerability in IIS 5.0 allows remote malicious users to cause a denial of service (restart) via a long, invalid WebDAV request.
Microsoft Internet Information Services 5.0
1000
VMScore
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Indexing Service
Microsoft Index Server 2.0
5 EDB exploits
1 Github repository
510
VMScore
CVE-2001-1243
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote malicious users to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injectin...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
2 EDB exploits
795
VMScore
CVE-2001-0333
Directory traversal vulnerability in IIS 5.0 and previous versions allows remote malicious users to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
Microsoft Internet Information Server
Microsoft Internet Information Server 4.0
9 EDB exploits
505
VMScore
CVE-2001-0336
The Microsoft MS00-060 patch for IIS 5.0 and previous versions introduces an error which allows malicious users to cause a denial of service via a malformed request.
Microsoft Internet Information Server
1 EDB exploit
445
VMScore
CVE-2000-1090
Microsoft IIS for Far East editions 4.0 and 5.0 allows remote malicious users to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Server 5.0
445
VMScore
CVE-2001-0096
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote malicious users to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
445
VMScore
CVE-2001-0004
IIS 5.0 and 4.0 allows remote malicious users to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via ....
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »