CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6579
https://notcve.org/view.php?id=CVE-2006-6579
Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine. Microsoft Windows XP tiene pérmisos débiles (FILE_WRITE_DATA y FILE_READ_DATA para cualquiera) para %WINDIR%\pchealth\ERRORREP\QHEADLES, lo cual permite a un usuario local escribir y leer archivos en esta carpeta, como se demostró con un shell ASP que tiene permisos de escritura por IWAM_machine y permiso de lectura por IUSR_Machine. • http://www.securityfocus.com/archive/1/454268/100/0/threaded •
CVSS: 5.0EPSS: 13%CPEs: 3EXPL: 1CVE-2003-1342 – Trend Micro Virus Control System 1.8 - Denial of Service
https://notcve.org/view.php?id=CVE-2003-1342
Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. • https://www.exploit-db.com/exploits/22172 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0021.html http://secunia.com/advisories/7881 http://www.osvdb.org/6185 http://www.securityfocus.com/bid/6617 https://exchange.xforce.ibmcloud.com/vulnerabilities/11060 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 0CVE-2001-0709
https://notcve.org/view.php?id=CVE-2001-0709
Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. • http://www.securityfocus.com/archive/1/192802 http://www.securityfocus.com/bid/2909 https://exchange.xforce.ibmcloud.com/vulnerabilities/6742 •
CVSS: 10.0EPSS: 96%CPEs: 3EXPL: 6CVE-2001-0500 – Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. • https://www.exploit-db.com/exploits/20930 https://www.exploit-db.com/exploits/16472 https://www.exploit-db.com/exploits/20931 https://www.exploit-db.com/exploits/20933 https://www.exploit-db.com/exploits/20932 http://www.cert.org/advisories/CA-2001-13.html http://www.ciac.org/ciac/bulletins/l-098.shtml http://www.iss.net/security_center/static/6705.php http://www.securityfocus.com/archive/1/191873 http://www.securityfocus.com/bid/2880 https://docs.microso •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0334
https://notcve.org/view.php?id=CVE-2001-0334
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/6535 • CWE-131: Incorrect Calculation of Buffer Size •