Microsoft: >> Internet Information Server >> 3.0 Security Vulnerabilities
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.
CVSS Score
5.0
EPSS Score
0.068
Published
1999-01-24
Information from SSL-encrypted sessions via PKCS #1.
CVSS Score
5.0
EPSS Score
0.051
Published
1998-06-26
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
CVSS Score
5.0
EPSS Score
0.761
Published
1998-06-01
IIS newdsn.exe CGI script allows remote users to overwrite files.
CVSS Score
6.4
EPSS Score
0.62
Published
1997-09-01
Denial of service in IIS using long URLs.
CVSS Score
5.0
EPSS Score
0.124
Published
1997-06-01
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
CVSS Score
7.5
EPSS Score
0.03
Published
1997-01-01
Page 4