CVSS: 5.0EPSS: 95%CPEs: 1EXPL: 2CVE-2001-0986 – Microsoft Index Server 2.0 - File Information / Full Path Disclosure
https://notcve.org/view.php?id=CVE-2001-0986
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. • https://www.exploit-db.com/exploits/21113 http://www.securityfocus.com/archive/1/214217 http://www.securityfocus.com/bid/3339 https://exchange.xforce.ibmcloud.com/vulnerabilities/7125 •
CVSS: 10.0EPSS: 96%CPEs: 3EXPL: 6CVE-2001-0500 – Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. • https://www.exploit-db.com/exploits/20930 https://www.exploit-db.com/exploits/16472 https://www.exploit-db.com/exploits/20931 https://www.exploit-db.com/exploits/20933 https://www.exploit-db.com/exploits/20932 http://www.cert.org/advisories/CA-2001-13.html http://www.ciac.org/ciac/bulletins/l-098.shtml http://www.iss.net/security_center/static/6705.php http://www.securityfocus.com/archive/1/191873 http://www.securityfocus.com/bid/2880 https://docs.microso •
CVSS: 5.0EPSS: 92%CPEs: 2EXPL: 0CVE-2001-0245
https://notcve.org/view.php?id=CVE-2001-0245
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-025 https://exchange.xforce.ibmcloud.com/vulnerabilities/6518 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0244
https://notcve.org/view.php?id=CVE-2001-0244
Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter. • http://www.securityfocus.com/bid/2709 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-025 https://exchange.xforce.ibmcloud.com/vulnerabilities/6517 •
CVSS: 5.0EPSS: 96%CPEs: 1EXPL: 1CVE-2000-0302 – Microsoft Index Server 2.0 - '%20' ASP Source Disclosure
https://notcve.org/view.php?id=CVE-2000-0302
Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL. • https://www.exploit-db.com/exploits/19830 http://marc.info/?l=bugtraq&m=95453598317340&w=2 http://www.osvdb.org/271 http://www.securityfocus.com/bid/1084 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-006 •