CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 2CVE-2002-1744 – Microsoft IIS 5.0 - 'CodeBrws.asp' Source Code Disclosure
https://notcve.org/view.php?id=CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot). • https://www.exploit-db.com/exploits/21385 http://online.securityfocus.com/archive/1/267945 http://online.securityfocus.com/archive/1/268065 http://www.securityfocus.com/bid/4525 https://exchange.xforce.ibmcloud.com/vulnerabilities/8853 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1718
https://notcve.org/view.php?id=CVE-2002-1718
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences. • http://online.securityfocus.com/archive/1/255555 http://online.securityfocus.com/archive/1/256125 http://www.securityfocus.com/bid/4084 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 2CVE-2002-1790 – Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)
https://notcve.org/view.php?id=CVE-2002-1790
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. • https://www.exploit-db.com/exploits/21613 http://online.securityfocus.com/archive/1/281914 http://www.iss.net/security_center/static/9580.php http://www.securityfocus.com/bid/5213 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2002-1908
https://notcve.org/view.php?id=CVE-2002-1908
Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters. • http://www.iss.net/security_center/static/10370.php http://www.securiteam.com/windowsntfocus/6C00C1F5QA.html http://www.securityfocus.com/bid/5907 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1180
https://notcve.org/view.php?id=CVE-2002-1180
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." Un error tipográfico en los permisos de acceso a fuentes de scripts en Internet Information Server (IIS) 5.0 no excluye adecuadamente ficheros .COM, lo que permite a atacantes con sólo permisos de escritura cargar ficheros .COM, también conocida como "Vulnerabilidad de Acceso a Fuente de Scripts" • http://www.ciac.org/ciac/bulletins/n-011.shtml http://www.iss.net/security_center/static/10504.php http://www.securityfocus.com/bid/6068 http://www.securityfocus.com/bid/6071 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A931 •