Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Site_server
(Microsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 16 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
1999-08-11 | CVE-1999-0867 | Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers. | Commercial_internet_system, Internet_information_server, Site_server | N/A | ||
1999-08-11 | CVE-1999-0861 | Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. | Commercial_internet_system, Internet_information_server, Site_server, Site_server_commerce | N/A | ||
1999-12-21 | CVE-2000-0025 | IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. | Internet_information_server, Site_server, Site_server_commerce | N/A | ||
1999-12-21 | CVE-2000-0024 | IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. | Internet_information_server, Site_server, Site_server_commerce | N/A | ||
2002-12-31 | CVE-2002-1769 | Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege. | Site_server, Site_server_commerce | N/A | ||
1998-06-26 | CVE-1999-0007 | Information from SSL-encrypted sessions via PKCS #1. | Stonghold_web_server, Open_market_secure_webserver, Exchange_server, Internet_information_server, Site_server, Certificate_server, Collabra_server, Directory_server, Enterprise_server, Fasttrack_server, Messaging_server, Proxy_server, Ssleay | N/A |