CVE-2001-0334
https://notcve.org/view.php?id=CVE-2001-0334
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/6535 • CWE-131: Incorrect Calculation of Buffer Size •
CVE-2001-0336 – Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026)
https://notcve.org/view.php?id=CVE-2001-0336
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. • https://www.exploit-db.com/exploits/20846 http://www.osvdb.org/5693 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/6858 •
CVE-2001-0333 – Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution
https://notcve.org/view.php?id=CVE-2001-0333
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. • https://www.exploit-db.com/exploits/20835 https://www.exploit-db.com/exploits/20837 https://www.exploit-db.com/exploits/20836 https://www.exploit-db.com/exploits/20838 https://www.exploit-db.com/exploits/20839 https://www.exploit-db.com/exploits/20840 https://www.exploit-db.com/exploits/20841 https://www.exploit-db.com/exploits/20842 https://www.exploit-db.com/exploits/16467 http://marc.info/?l=bugtraq&m=98992056521300&w=2 http://www.cert.org/advisories/ •
CVE-2001-0337
https://notcve.org/view.php?id=CVE-2001-0337
The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 •
CVE-2000-1090
https://notcve.org/view.php?id=CVE-2000-1090
Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character. • http://www.nsfocus.com/english/homepage/sa_08.htm http://www.securityfocus.com/bid/2100 https://exchange.xforce.ibmcloud.com/vulnerabilities/5729 •