Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_information_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 108 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1999-12-31 | CVE-1999-1035 | IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | Internet_information_server | N/A | ||
| 1999-07-19 | CVE-1999-1011 | The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. | Data_access_components, Index_server, Internet_information_server, Site_server | N/A | ||
| 1999-05-07 | CVE-1999-0739 | The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | Internet_information_server | N/A | ||
| 1999-05-07 | CVE-1999-0738 | The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | Internet_information_server | N/A | ||
| 1999-05-07 | CVE-1999-0737 | The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | Internet_information_server | N/A | ||
| 1999-05-07 | CVE-1999-0736 | The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | Internet_information_server | N/A | ||
| 1999-01-26 | CVE-1999-0449 | The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | Internet_information_server | N/A | ||
| 1999-02-09 | CVE-1999-0407 | By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | Internet_information_server | N/A | ||
| 1998-06-01 | CVE-1999-0278 | In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | Internet_information_server, Windows_nt | N/A | ||
| 1997-09-01 | CVE-1999-0191 | IIS newdsn.exe CGI script allows remote users to overwrite files. | Internet_information_server | N/A |