CVSS: 7.8EPSS: 90%CPEs: 1EXPL: 0CVE-1999-0449
https://notcve.org/view.php?id=CVE-1999-0449
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. • http://www.osvdb.org/2 http://www.osvdb.org/3 http://www.osvdb.org/4 http://www.securityfocus.com/bid/193 •
CVSS: 5.0EPSS: 7%CPEs: 2EXPL: 0CVE-1999-1544
https://notcve.org/view.php?id=CVE-1999-1544
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. • http://marc.info/?l=bugtraq&m=91722115016183&w=2 •
CVSS: 2.1EPSS: 89%CPEs: 1EXPL: 2CVE-1999-1538 – Microsoft IIS 4 (Windows NT) - Remote Web-Based Administration
https://notcve.org/view.php?id=CVE-1999-1538
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. • https://www.exploit-db.com/exploits/19147 http://marc.info/?l=bugtraq&m=91638375309890&w=2 http://marc.info/?l=ntbugtraq&m=91632724913080&w=2 http://www.securityfocus.com/bid/189 •
CVSS: 10.0EPSS: 75%CPEs: 1EXPL: 0CVE-1999-1376
https://notcve.org/view.php?id=CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. • http://marc.info/?l=bugtraq&m=91638375309890&w=2 http://marc.info/?l=ntbugtraq&m=91632724913080&w=2 •
CVSS: 5.0EPSS: 89%CPEs: 1EXPL: 1CVE-1999-0448 – Microsoft IIS 4 (Windows NT) - Log Avoidance
https://notcve.org/view.php?id=CVE-1999-0448
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. • https://www.exploit-db.com/exploits/19149 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448 •