CVSS: 5.3EPSS: 28%CPEs: 4EXPL: 7CVE-2000-0649 – Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure
https://notcve.org/view.php?id=CVE-2000-0649
13 Jul 2000 — IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined. Collect any leaked internal IPs by requesting commonly redirected locations from IIS. CVE-2000-0649 references IIS 5.1 (win2k, XP) and older. However, in newer servers such as IIS 7+, this occurs when the alternateHostName is not set or misconfigured. Also collects internal IPs leaked from the PROPFIND method in certain II... • https://packetstorm.news/files/id/181126 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 83%CPEs: 7EXPL: 1CVE-2000-0246 – Microsoft IIS 4.0 - UNC Mapped Virtual Host
https://notcve.org/view.php?id=CVE-2000-0246
30 Mar 2000 — IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. • https://www.exploit-db.com/exploits/19824 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 4CVE-2000-0114
https://notcve.org/view.php?id=CVE-2000-0114
02 Feb 2000 — Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. • https://github.com/Cappricio-Securities/CVE-2000-0114 •
CVSS: 7.5EPSS: 70%CPEs: 2EXPL: 1CVE-2000-0126 – Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006)
https://notcve.org/view.php?id=CVE-2000-0126
26 Jan 2000 — Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. • https://www.exploit-db.com/exploits/19742 •
CVSS: 9.1EPSS: 71%CPEs: 3EXPL: 0CVE-2000-0071
https://notcve.org/view.php?id=CVE-2000-0071
11 Jan 2000 — IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. • http://marc.info/?l=bugtraq&m=94770020309953&w=2 •
CVSS: 7.5EPSS: 18%CPEs: 2EXPL: 0CVE-1999-1035
https://notcve.org/view.php?id=CVE-1999-1035
31 Dec 1999 — IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. • http://support.microsoft.com/support/kb/articles/q192/2/96.asp •
CVSS: 7.5EPSS: 18%CPEs: 1EXPL: 0CVE-1999-1148
https://notcve.org/view.php?id=CVE-1999-1148
31 Dec 1999 — FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. • http://support.microsoft.com/support/kb/articles/Q189/2/62.ASP •
CVSS: 7.5EPSS: 15%CPEs: 1EXPL: 0CVE-1999-1223
https://notcve.org/view.php?id=CVE-1999-1223
31 Dec 1999 — IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters. • http://support.microsoft.com/support/kb/articles/q187/5/03.asp •
CVSS: 7.5EPSS: 35%CPEs: 2EXPL: 0CVE-1999-1451
https://notcve.org/view.php?id=CVE-1999-1451
31 Dec 1999 — The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. • http://support.microsoft.com/support/kb/articles/q231/3/68.asp •
CVSS: 7.5EPSS: 35%CPEs: 2EXPL: 1CVE-1999-0154 – Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure
https://notcve.org/view.php?id=CVE-1999-0154
31 Dec 1999 — IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. • https://www.exploit-db.com/exploits/20481 •