Microsoft: >> Internet Information Server Security Vulnerabilities
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.765
Published
1999-05-07
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.529
Published
1999-05-07
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.464
Published
1999-05-07
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.464
Published
1999-05-07
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
CVSS Score
7.5
EPSS Score
0.271
Published
1999-02-19
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
CVSS Score
5.0
EPSS Score
0.732
Published
1999-02-11
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
CVSS Score
10.0
EPSS Score
0.296
Published
1999-02-09
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVSS Score
5.0
EPSS Score
0.132
Published
1999-01-27
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
CVSS Score
7.5
EPSS Score
0.112
Published
1999-01-27
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
CVSS Score
7.8
EPSS Score
0.362
Published
1999-01-26