Show filters
111 Total Results
Displaying 61-70 of 111
Sort by:
Attacker Value
Unknown
CVE-2000-0457
Disclosure Date: May 11, 2000 (last updated February 22, 2025)
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
0
Attacker Value
Unknown
CVE-2000-0408
Disclosure Date: May 11, 2000 (last updated February 22, 2025)
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
0
Attacker Value
Unknown
CVE-2000-0304
Disclosure Date: May 10, 2000 (last updated February 22, 2025)
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
0
Attacker Value
Unknown
CVE-2000-0413
Disclosure Date: May 06, 2000 (last updated February 22, 2025)
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
0
Attacker Value
Unknown
CVE-2000-0258
Disclosure Date: April 12, 2000 (last updated February 22, 2025)
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
0
Attacker Value
Unknown
CVE-2000-0246
Disclosure Date: March 30, 2000 (last updated February 22, 2025)
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
0
Attacker Value
Unknown
CVE-2000-0226
Disclosure Date: March 20, 2000 (last updated February 22, 2025)
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
0
Attacker Value
Unknown
CVE-2000-0167
Disclosure Date: February 15, 2000 (last updated February 22, 2025)
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
0
Attacker Value
Unknown
CVE-2000-0114
Disclosure Date: February 02, 2000 (last updated February 22, 2025)
Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
0
Attacker Value
Unknown
CVE-2000-0126
Disclosure Date: January 26, 2000 (last updated February 22, 2025)
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
0
