CVSS: 5.0EPSS: 89%CPEs: 1EXPL: 1CVE-1999-0448 – Microsoft IIS 4 (Windows NT) - Log Avoidance
https://notcve.org/view.php?id=CVE-1999-0448
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. • https://www.exploit-db.com/exploits/19149 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448 •
CVSS: 5.0EPSS: 0%CPEs: 22EXPL: 0CVE-1999-0007
https://notcve.org/view.php?id=CVE-1999-0007
Information from SSL-encrypted sessions via PKCS #1. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.0EPSS: 90%CPEs: 3EXPL: 1CVE-1999-0278 – Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams
https://notcve.org/view.php?id=CVE-1999-0278
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. • https://www.exploit-db.com/exploits/19118 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A913 •
CVSS: 5.0EPSS: 93%CPEs: 6EXPL: 0CVE-1999-0012
https://notcve.org/view.php?id=CVE-1999-0012
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0012 •
CVSS: 6.4EPSS: 96%CPEs: 1EXPL: 1CVE-1999-0191 – Microsoft IIS 3.0 - 'newdsn.exe' File Creation
https://notcve.org/view.php?id=CVE-1999-0191
IIS newdsn.exe CGI script allows remote users to overwrite files. • https://www.exploit-db.com/exploits/20309 http://www.osvdb.org/275 •