Page 4 of 46 results (0.009 seconds)

CVSS: 7.5EPSS: 94%CPEs: 2EXPL: 0

Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values. Desbordamiento de buffer en Internet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes remotos falsificar la comprobación de seguridad de cabeceras HTTP y causar una denegación de servicio o ejecutar código arbitrario mediante valores de campos de las cabeceras HTTP. • http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8797.php http://www.kb.cert.org/vuls/id/454091 http://www.osvdb.org/3316 http://www.securityfocus.com/bid/4476 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A137 https://oval.cisecurity •

CVSS: 5.0EPSS: 10%CPEs: 2EXPL: 0

The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer. Un filtro ISAPI en las Extensiones de Servidor de Front Page y ASP.NET para Internet Information Server (IIS) 4.0, 5.0 y 5.1 no maneja adecuadamente la condición de error cuando se provee una URL larga, lo que permite a atacantes remotos causar una denegación de sevicio (caída). • http://marc.info/?l=bugtraq&m=101853851025208&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8800.php http://www.kb.cert.org/vuls/id/521059 http://www.osvdb.org/3326 http://www.securityfocus.com/bid/4479 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 •

CVSS: 5.0EPSS: 96%CPEs: 2EXPL: 0

The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters. El servicio FTP en Intenet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes que han establecido una sesión FTP causar una denegación de servicio mediante una petición de estado especialmente formada. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0023.html http://marc.info/?l=bugtraq&m=101901273810598&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.digitaloffense.net/msftpd/advisory.txt http://www.iss.net/security_center/static/8801.php http://www.kb.cert.org/vuls/id/412203 http://www.osvdb.org/3328 http://www.securityfocus.com/bid/4482 https://docs. •

CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 0

Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message. Vulnerabilidad de secuencias de comandos en sitios cruzados (Cross-site scripting) en Internet Information Server 4.0, 5.0 y 5.1 permite a atacantes remotos ejecutar scripts arbitrarios como otros usuarios del web mediante el mensaje de error usado en una redirección de URL. • http://marc.info/?l=bugtraq&m=101854677802990&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8804.php http://www.kb.cert.org/vuls/id/520707 http://www.osvdb.org/3341 http://www.securityfocus.com/bid/4487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition •

CVSS: 7.5EPSS: 8%CPEs: 2EXPL: 0

Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session. Vulnerabilidad de secuencias de comandos en sitios cruzados (Cross-site scripting) en el fichero de Ayuda del Internet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes remotos insertar código en otra sesión de usuario. • http://seclists.org/bugtraq/2002/Apr/0126.html http://www.cert.org/advisories/CA-2002-09.html http://www.cgisecurity.com/advisory/9.txt http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8802.php http://www.kb.cert.org/vuls/id/883091 http://www.osvdb.org/3338 http://www.securityfocus.com/bid/4483 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://o •