This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1999-05-12
Product Internet Information Server Last view 2013-05-22
Version * Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:internet_information_server

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2013-05-22 CVE-2013-0942

Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

9 2009-08-31 CVE-2009-3023

Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."

7.8 2007-01-05 CVE-2007-0087

** DISPUTED ** Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.

4.4 2006-12-15 CVE-2006-6579

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.

5 2001-09-20 CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.

10 2001-07-21 CVE-2001-0500

Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.

5 2001-06-27 CVE-2001-0337

The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.

5 2001-06-27 CVE-2001-0336

The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.

5 2001-06-27 CVE-2001-0335

FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters.

5 2001-06-27 CVE-2001-0334

FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.

7.5 2001-06-27 CVE-2001-0333

Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.

5 2000-01-21 CVE-2000-0115

IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.

5 1999-12-31 CVE-1999-1148

FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.

5 1999-05-12 CVE-1999-0229

Denial of service in Windows NT IIS server using ..\..

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
50% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic
CAPEC-79 Using Slashes in Alternate Encoding
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

SAINT Exploits

Description Link
IIS Double Decoding Directory Traversal More info here
Microsoft IIS FTP Server NLST Command Remote Overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
59360 Microsoft IIS ASP Page Visual Basic Script Malformed Regex Parsing DoS
57589 Microsoft IIS FTP Server NLST Command Remote Overflow
55269 Microsoft IIS Traversal GET Request Remote DoS
35962 Microsoft Windows XP Registry QHEADLES Permission Weakness
33457 Microsoft IIS Crafted TCP Connection Range Header DoS
13478 Microsoft MS01-014 / MS01-016 Patch Memory Leak DoS
13473 Microsoft IIS on FAT Partition Local ASP Source Disclosure
11157 Microsoft IIS FTP Service PASV Connection Saturation DoS
5693 Microsoft MS00-060 Patch IIS Malformed Request DoS
1826 Microsoft IIS Domain Guest Account Disclosure
1824 Microsoft IIS FTP DoS
568 Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
556 Microsoft IIS/PWS Encoded Filename Arbitrary Command Execution

OpenVAS Exploits

id Description
2012-05-22 Name : Microsoft IIS GET Request Denial of Service Vulnerability
File : nvt/secpod_ms_iis_get_request_dos_vuln.nasl
2009-10-15 Name : Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
File : nvt/secpod_ms09-053.nasl
2009-09-02 Name : Microsoft IIS FTPd NLST stack overflow
File : nvt/microsoft-iis-nlst-stack-overflow.nasl
2005-11-03 Name : CodeRed version X detection
File : nvt/codered_x.nasl
2005-11-03 Name : IIS Remote Command Execution
File : nvt/iis_decode_bug.nasl
2005-11-03 Name : IIS .IDA ISAPI filter applied
File : nvt/iis_ida_isapi.nasl
2005-11-03 Name : IIS 5.0 WebDav Memory Leakage
File : nvt/iis_webdav_lock_memory_leak.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2009-B-0052 Microsoft FTP Service for Internet Information Services (IIS) Remote Code Exe...
Severity: Category I - VMSKEY: V0021742

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows IIS directory traversal attempt
RuleID : 974-community - Type : SERVER-IIS - Revision : 23
2014-01-10 Microsoft Windows IIS directory traversal attempt
RuleID : 974 - Type : SERVER-IIS - Revision : 23
2014-01-10 multiple decode attempt
RuleID : 970 - Type : WEB-IIS - Revision : 14
2014-01-10 Microsoft NLST * dos attempt
RuleID : 8481 - Type : PROTOCOL-FTP - Revision : 11
2014-01-10 httpodbc.dll access - nimda
RuleID : 3201 - Type : SERVER-IIS - Revision : 14
2014-01-10 NLST overflow attempt
RuleID : 2374-community - Type : PROTOCOL-FTP - Revision : 19
2014-01-10 NLST overflow attempt
RuleID : 2374 - Type : PROTOCOL-FTP - Revision : 19
2018-10-17 Multiple Products FTP MKD buffer overflow attempt
RuleID : 23055-community - Type : PROTOCOL-FTP - Revision : 10
2014-01-10 Multiple Products FTP MKD buffer overflow attempt
RuleID : 23055 - Type : PROTOCOL-FTP - Revision : 10
2014-01-10 MKD overflow attempt
RuleID : 1973-community - Type : PROTOCOL-FTP - Revision : 31
2014-01-10 MKD overflow attempt
RuleID : 1973 - Type : PROTOCOL-FTP - Revision : 31
2014-02-08 (http_inspect)webrootdirectorytraversal
RuleID : 18 - Type : - Revision : 2
2014-01-10 ISAPI .idq attempt
RuleID : 1244-community - Type : SERVER-IIS - Revision : 29
2014-01-10 ISAPI .idq attempt
RuleID : 1244 - Type : SERVER-IIS - Revision : 29
2014-01-10 ISAPI .ida attempt
RuleID : 1243-community - Type : SERVER-IIS - Revision : 26
2014-01-10 ISAPI .ida attempt
RuleID : 1243 - Type : SERVER-IIS - Revision : 26
2019-01-15 (http_inspect)directorytraversal
RuleID : 11 - Type : - Revision : 2

Nessus® Vulnerability Scanner

id Description
2009-10-13 Name: The remote anonymous FTP server seems vulnerable to an arbitrary code executi...
File: iis5_ftp_overflow.nasl - Type: ACT_DENIAL
2009-10-13 Name: The remote FTP server is affected by multiple vulnerabilities.
File: smb_nt_ms09-053.nasl - Type: ACT_GATHER_INFO
2001-06-19 Name: The remote web server is affected by multiple vulnerabilities.
File: iis_isapi_overflow.nasl - Type: ACT_ATTACK
2001-05-15 Name: Arbitrary commands can be executed on the remote web server.
File: iis_decode_bug.nasl - Type: ACT_GATHER_INFO
1999-06-22 Name: The remote web server is vulnerable to a Denial of Service attack
File: iis_crash.nasl - Type: ACT_DENIAL