CVSS: 5.0EPSS: 95%CPEs: 2EXPL: 1CVE-2000-0126 – Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006)
https://notcve.org/view.php?id=CVE-2000-0126
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. • https://www.exploit-db.com/exploits/19742 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0126 •
CVSS: 5.0EPSS: 92%CPEs: 3EXPL: 0CVE-2000-0071
https://notcve.org/view.php?id=CVE-2000-0071
IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. • http://marc.info/?l=bugtraq&m=94770020309953&w=2 http://marc.info/?l=bugtraq&m=94780058006791&w=2 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-1999-1148
https://notcve.org/view.php?id=CVE-1999-1148
FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. • http://support.microsoft.com/support/kb/articles/Q189/2/62.ASP https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-006 https://exchange.xforce.ibmcloud.com/vulnerabilities/1215 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-1999-1233
https://notcve.org/view.php?id=CVE-1999-1233
IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. • http://support.microsoft.com/support/kb/articles/Q241/5/62.asp http://www.securityfocus.com/bid/657 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/3306 •
CVSS: 5.0EPSS: 90%CPEs: 2EXPL: 1CVE-1999-0154 – Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure
https://notcve.org/view.php?id=CVE-1999-0154
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. • https://www.exploit-db.com/exploits/20481 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0154 •