Filtered by vendor Microsoft
Subscriptions
Filtered by product Internet Information Server
Subscriptions
Total
111 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0349 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. | ||||
| CVE-1999-0407 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | ||||
| CVE-1999-0737 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | ||||
| CVE-1999-0738 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | ||||
| CVE-1999-0739 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | ||||
| CVE-1999-0777 | 1 Microsoft | 2 Commercial Internet System, Internet Information Server | 2025-04-03 | N/A |
| IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. | ||||
| CVE-1999-0861 | 1 Microsoft | 4 Commercial Internet System, Internet Information Server, Site Server and 1 more | 2025-04-03 | N/A |
| Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. | ||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | ||||
| CVE-1999-1035 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | ||||
| CVE-1999-1148 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | ||||
| CVE-1999-1233 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. | ||||