Microsoft: >> Internet Information Server >> 4.0 Security Vulnerabilities
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
CVSS Score
5.0
EPSS Score
0.215
Published
1999-08-11
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.793
Published
1999-07-19
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
CVSS Score
5.0
EPSS Score
0.013
Published
1999-07-07
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
CVSS Score
5.0
EPSS Score
0.205
Published
1999-07-06
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
CVSS Score
10.0
EPSS Score
0.851
Published
1999-06-16
Denial of service in Windows NT IIS server using ..\..
CVSS Score
5.0
EPSS Score
0.049
Published
1999-05-12
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.765
Published
1999-05-07
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.529
Published
1999-05-07
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.464
Published
1999-05-07
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.464
Published
1999-05-07