Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet information server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0114
Frontpage Server Extensions allows remote malicious users to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
NA
CVE-2000-0126
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote malicious users to read files via a .. (dot dot) attack.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote malicious user to view the source code of certain files, a.k.a. "Double Byte Code Page".
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-1999-1035
IIS 3.0 and 4.0 on x86 and Alpha allows remote malicious users to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
NA
CVE-1999-1537
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote malicious users to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Server 3.0
NA
CVE-1999-1544
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote malicious users to cause a denial of service via a long NLST (ls) command.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Server 3.0
NA
CVE-1999-1478
The Sun HotSpot Performance Engine VM allows a remote malicious user to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
NA
CVE-1999-0253
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Services 1.0
Microsoft Internet Information Services 2.0
NA
CVE-2000-0770
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote malicious users to bypass access restrictions to some files, aka the "File Permission Canonicalization" vuln...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »