|
279131
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictio…
|
NVD-CWE-Other
|
CVE-2000-0770
|
2018-10-31 01:25 |
2000-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279132
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Se…
|
NVD-CWE-Other
|
CVE-2000-0884
|
2018-10-31 01:25 |
2000-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279133
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Pa…
|
NVD-CWE-Other
|
CVE-2000-0886
|
2018-10-31 01:25 |
2000-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279134
|
- |
|
microsoft
|
internet_information_services
|
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) …
|
NVD-CWE-Other
|
CVE-2000-0951
|
2018-10-31 01:25 |
2000-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279135
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to …
|
NVD-CWE-Other
|
CVE-2000-0970
|
2018-10-31 01:25 |
2000-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279136
|
- |
|
cisco
|
pix_firewall_software
|
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the r…
|
NVD-CWE-Other
|
CVE-2000-1027
|
2018-10-31 01:25 |
2000-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279137
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which…
|
NVD-CWE-Other
|
CVE-2000-1104
|
2018-10-31 01:25 |
2001-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279138
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI …
|
NVD-CWE-Other
|
CVE-2001-0004
|
2018-10-31 01:25 |
2001-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279139
|
- |
|
sun
|
sunos
|
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
|
NVD-CWE-Other
|
CVE-2001-0095
|
2018-10-31 01:25 |
2001-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279140
|
- |
|
microsoft
|
internet_information_server
internet_information_services
|
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
|
NVD-CWE-Other
|
CVE-2001-0096
|
2018-10-31 01:25 |
2001-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
