Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet information services vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2002-1717
Microsoft Internet Information Server (IIS) 5.1 allows remote malicious users to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf.
Microsoft Internet Information Services 5.1
445
VMScore
CVE-2002-1718
Microsoft Internet Information Server (IIS) 5.1 may allow remote malicious users to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
Microsoft Internet Information Services 5.1
445
VMScore
CVE-2002-1745
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote malicious users to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
Microsoft Internet Information Services 5.0
828
VMScore
CVE-2010-2730
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote malicious users to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Microsoft Internet Information Services 7.5
1 Github repository
1000
VMScore
CVE-2010-3972
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote malicious users to execute arbitrary code or cause a denial of service (daemon c...
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
668
VMScore
CVE-2002-1180
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
Microsoft Internet Information Services 5.0
445
VMScore
CVE-2002-1182
IIS 5.0 and 5.1 allows remote malicious users to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.
Microsoft Internet Information Services 5.0
510
VMScore
CVE-2000-0778
IIS 5.0 allows remote malicious users to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
Microsoft Internet Information Services 5.0
2 EDB exploits
445
VMScore
CVE-2002-1908
Microsoft IIS 5.0 and 5.1 allows remote malicious users to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters.
Microsoft Internet Information Services 5.0
505
VMScore
CVE-2000-0951
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote malicious users to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Microsoft Internet Information Services 5.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »