NotCVE - vendor:"Microsoft" product:"Internet Information Server" version:" <= 4.0"

Page 5 of 95 results (0.004 seconds)

CVSS: 7.5EPSS: 37%CPEs: 2EXPL: 0

CVE-2002-0071

https://notcve.org/view.php?id=CVE-2002-0071

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. Desbordamiento de buffer la extensión ISAPI ism.dll que implementa los scripts HTR en MS Internet Information Server (IIS) 4.0 y 5.0 permite a atacantes causar una denegación de servido o ejecutar código arbitrario mediante peticiones HTR con nombres de variables largos. • http://marc.info/?l=bugtraq&m=101854087828265&w=2 http://www.atstake.com/research/advisories/2002/a041002-1.txt http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8799.php http://www.kb.cert.org/vuls/id/363715 http://www.osvdb.org/3325 http://www.securityfocus.com/bid/4474 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002 •

CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 4

CVE-2002-0079 – Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow

https://notcve.org/view.php?id=CVE-2002-0079

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. Desbordamiento de buffer en el mecanismo de transferencia de codificación troceada (chunked encoding) en Active Server Pages (ASP) de Internet Information Server (IIS) 4.0 y 5.0, que permite a atacantes causar una denegación de servicio o ejecutar código arbitrario. • https://www.exploit-db.com/exploits/21369 https://www.exploit-db.com/exploits/21368 https://www.exploit-db.com/exploits/21370 https://www.exploit-db.com/exploits/21371 http://marc.info/?l=bugtraq&m=101846993304518&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8795.php http://www.kb.cert.org/vuls/id/610291 http://www.securityfocus •

CVSS: 5.0EPSS: 81%CPEs: 1EXPL: 0

CVE-2001-0545

https://notcve.org/view.php?id=CVE-2001-0545

IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. • http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.osvdb.org/5736 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6981 •

CVSS: 7.2EPSS: 54%CPEs: 2EXPL: 2

CVE-2001-0506 – Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Escalation

https://notcve.org/view.php?id=CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. • https://www.exploit-db.com/exploits/21071 http://marc.info/?l=bugtraq&m=99802093532233&w=2 http://online.securityfocus.com/archive/1/242541 http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.securityfocus.com/bid/3190 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6984 •

CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 0

CVE-2001-0709

https://notcve.org/view.php?id=CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. • http://www.securityfocus.com/archive/1/192802 http://www.securityfocus.com/bid/2909 https://exchange.xforce.ibmcloud.com/vulnerabilities/6742 •

1...3 4 5 6 7