Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2001-0506

Published: 20/09/2001 Updated: 30/10/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Internet Information Server

Vulnerability Summary

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet information server 4.0

microsoft internet information services 5.0

Exploits

Exploit DB: Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Escalation
source: wwwsecurityfocuscom/bid/3190/info A vulnerability exists in Microsoft IIS 40 and 50 that could allow a user with permission to write content to the IIS server to run any code in Local System context /* jimc - IIS Server Side Include exploit by Indigo <indig0@talk21com> 2001 Usage: jim <attacker host> <attack ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/3190http://online.securityfocus.com/archive/1/242541http://www.ciac.org/ciac/bulletins/l-132.shtmlhttp://marc.info/?l=bugtraq&m=99802093532233&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/6984https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044https://nvd.nist.govhttps://www.exploit-db.com/exploits/21071/https://www.kb.cert.org/vuls/id/630531
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-codedCVE-2024-27202NULL pointer dereferenceCVE-2024-28075CVE-2024-33608CVE-2024-28889CVE-2024-34572template injectionCVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook