Page 7 of 91 results (0.006 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. • https://www.exploit-db.com/exploits/20846 http://www.osvdb.org/5693 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/6858 •

CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 9

Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. • https://www.exploit-db.com/exploits/20835 https://www.exploit-db.com/exploits/20837 https://www.exploit-db.com/exploits/20836 https://www.exploit-db.com/exploits/20838 https://www.exploit-db.com/exploits/20839 https://www.exploit-db.com/exploits/20840 https://www.exploit-db.com/exploits/20841 https://www.exploit-db.com/exploits/20842 https://www.exploit-db.com/exploits/16467 http://marc.info/?l=bugtraq&m=98992056521300&w=2 http://www.cert.org/advisories/ •

CVSS: 5.0EPSS: 25%CPEs: 1EXPL: 0

The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 •

CVSS: 5.0EPSS: 87%CPEs: 2EXPL: 0

IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. • http://marc.info/?l=bugtraq&m=97897954625305&w=2 http://www.securityfocus.com/bid/2313 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-004 https://exchange.xforce.ibmcloud.com/vulnerabilities/5903 •

CVSS: 5.0EPSS: 4%CPEs: 2EXPL: 0

FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-100 https://exchange.xforce.ibmcloud.com/vulnerabilities/5823 •