CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0CVE-1999-1451
https://notcve.org/view.php?id=CVE-1999-1451
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. • http://support.microsoft.com/support/kb/articles/q231/3/68.asp https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/3271 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-1999-1035
https://notcve.org/view.php?id=CVE-1999-1035
IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. • http://support.microsoft.com/support/kb/articles/q192/2/96.asp https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-019 https://exchange.xforce.ibmcloud.com/vulnerabilities/1823 •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-1999-1223
https://notcve.org/view.php?id=CVE-1999-1223
IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters. • http://support.microsoft.com/support/kb/articles/q187/5/03.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/3892 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-1999-1591
https://notcve.org/view.php?id=CVE-1999-1591
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. • http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00276.html http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00277.html http://www.securityfocus.com/bid/190 •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2000-0024
https://notcve.org/view.php?id=CVE-2000-0024
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ246401 http://www.acrossecurity.com/aspr/ASPR-1999-11-10-1-PUB.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-061 •