Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet information server vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-1999-1538
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
Microsoft Internet Information Server 4.0
1 EDB exploit
5
CVSSv2
CVE-2000-0226
IIS 4.0 allows malicious users to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
Microsoft Internet Information Server 4.0
4.6
CVSSv2
CVE-2000-1147
Buffer overflow in IIS ISAPI .ASP parsing mechanism allows malicious users to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag.
Microsoft Internet Information Server 4.0
1 EDB exploit
2.1
CVSSv2
CVE-2000-0167
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
Microsoft Internet Information Server 4.0
1 EDB exploit
5
CVSSv2
CVE-1999-1223
IIS 3.0 allows remote malicious users to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters.
Microsoft Internet Information Server 3.0
10
CVSSv2
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote malicious users to execute arbitrary commands.
Microsoft Internet Information Server 4.0
1 Github repository
5
CVSSv2
CVE-1999-0738
The code.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
5
CVSSv2
CVE-1999-0739
The codebrws.asp sample file in IIS and Site Server allows remote malicious users to read arbitrary files.
Microsoft Internet Information Server 4.0
7.8
CVSSv2
CVE-1999-0449
The ExAir sample site in IIS 4 allows remote malicious users to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
Microsoft Internet Information Server 4.0
10
CVSSv2
CVE-2008-0075
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 up to and including 6.0 allows remote malicious users to execute arbitrary code via crafted inputs to ASP pages.
Microsoft Internet Information Server 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »