Page 14 of 107 results (0.004 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1

IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. • https://www.exploit-db.com/exploits/20310 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0002&L=ntbugtraq&F=&S=&P=8800 •

CVSS: 5.0EPSS: 16%CPEs: 2EXPL: 2

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. • https://github.com/Cappricio-Securities/CVE-2000-0114 https://github.com/0xMe5war/CVE-2000-0114 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0114 •

CVSS: 5.0EPSS: 95%CPEs: 2EXPL: 1

Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. • https://www.exploit-db.com/exploits/19742 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0126 •

CVSS: 5.0EPSS: 92%CPEs: 3EXPL: 0

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. • http://marc.info/?l=bugtraq&m=94770020309953&w=2 http://marc.info/?l=bugtraq&m=94780058006791&w=2 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. • http://support.microsoft.com/support/kb/articles/Q241/5/62.asp http://www.securityfocus.com/bid/657 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/3306 •