Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Internet Information Services  >> 2.0  Security Vulnerabilities
CVE-2009-4445
Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrated by an upload of a .asp:.jpg file that results in creation of an empty .asp file, related to support for the NTFS Alternate Data Streams (ADS) filename syntax. NOTE: it could be argued that this is a vulnerability in the third-party product, not IIS, because the third-party product should be applying its extension restrictions to the portion of the filename before the colon.
CVSS Score
6.0
EPSS Score
0.148
Published
2009-12-29
CVE-2006-6579
Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.
CVSS Score
4.4
EPSS Score
0.002
Published
2006-12-15
CVE-2000-0649
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
CVSS Score
2.6
EPSS Score
0.649
Published
2000-07-13
CVE-1999-0154
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
CVSS Score
5.0
EPSS Score
0.475
Published
1999-12-31
CVE-1999-0412
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
CVSS Score
7.5
EPSS Score
0.118
Published
1999-02-19
CVE-1999-0450
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
CVSS Score
7.5
EPSS Score
0.079
Published
1999-01-26
CVE-1999-0281
Denial of service in IIS using long URLs.
CVSS Score
5.0
EPSS Score
0.069
Published
1997-06-01
CVE-1999-0253
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
CVSS Score
7.5
EPSS Score
0.043
Published
1997-01-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved