Page 7 of 107 results (0.005 seconds)

CVSS: 7.5EPSS: 37%CPEs: 2EXPL: 0

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. Desbordamiento de buffer la extensión ISAPI ism.dll que implementa los scripts HTR en MS Internet Information Server (IIS) 4.0 y 5.0 permite a atacantes causar una denegación de servido o ejecutar código arbitrario mediante peticiones HTR con nombres de variables largos. • http://marc.info/?l=bugtraq&m=101854087828265&w=2 http://www.atstake.com/research/advisories/2002/a041002-1.txt http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8799.php http://www.kb.cert.org/vuls/id/363715 http://www.osvdb.org/3325 http://www.securityfocus.com/bid/4474 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002 •

CVSS: 7.5EPSS: 21%CPEs: 2EXPL: 0

Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names. Desbordamiento de buffer en las funciones de inclusión de ficheros en el servidor (server-side include) de ASP en IIS 4.0, 5.0 y 5.1 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante nombres de fichero largos. • http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8798.php http://www.kb.cert.org/vuls/id/721963 http://www.osvdb.org/3320 http://www.securityfocus.com/bid/4478 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A132 https://oval.cisecurity •

CVSS: 7.5EPSS: 40%CPEs: 2EXPL: 1

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. Vulnerabildad de secuencias de comandos en sitios cruzados (cross-site scripting) en Internet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes remotos ejecutar código arbitrario como otros usuarios mediatne una página de error HTTP. • https://www.exploit-db.com/exploits/21372 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8803.php http://www.kb.cert.org/vuls/id/886699 http://www.osvdb.org/3339 http://www.securityfocus.com/bid/4486 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg •

CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 4

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. Desbordamiento de buffer en el mecanismo de transferencia de codificación troceada (chunked encoding) en Active Server Pages (ASP) de Internet Information Server (IIS) 4.0 y 5.0, que permite a atacantes causar una denegación de servicio o ejecutar código arbitrario. • https://www.exploit-db.com/exploits/21369 https://www.exploit-db.com/exploits/21368 https://www.exploit-db.com/exploits/21370 https://www.exploit-db.com/exploits/21371 http://marc.info/?l=bugtraq&m=101846993304518&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8795.php http://www.kb.cert.org/vuls/id/610291 http://www.securityfocus •

CVSS: 5.0EPSS: 81%CPEs: 1EXPL: 0

IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. • http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.osvdb.org/5736 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6981 •