This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1999-12-31
Product Internet Information Services Last view 2009-12-29
Version - Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:internet_information_services

Activity : Overall

Related : CVE

  Date Alert Description
6 2009-12-29 CVE-2009-4445

Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrated by an upload of a .asp:.jpg file that results in creation of an empty .asp file, related to support for the NTFS Alternate Data Streams (ADS) filename syntax. NOTE: it could be argued that this is a vulnerability in the third-party product, not IIS, because the third-party product should be applying its extension restrictions to the portion of the filename before the colon.

5 2009-09-04 CVE-2009-2521

Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability."

9 2009-08-31 CVE-2009-3023

Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."

9 2008-10-14 CVE-2008-1446

Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."

10 2008-09-29 CVE-2008-4301

** DISPUTED ** A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote attackers to set a password via a string argument to the SetPassword method. NOTE: this issue could not be reproduced by a reliable third party. In addition, the original researcher is unreliable. Therefore the original disclosure is probably erroneous.

5 2008-09-29 CVE-2008-4300

A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote attackers to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.

4.4 2006-12-15 CVE-2006-6579

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.

5 2001-09-20 CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.

10 2001-07-21 CVE-2001-0500

Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.

5 2001-06-27 CVE-2001-0337

The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.

5 2001-06-27 CVE-2001-0336

The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.

5 2001-06-27 CVE-2001-0335

FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters.

5 2001-06-27 CVE-2001-0334

FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.

7.5 2001-06-27 CVE-2001-0333

Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.

5 1999-12-31 CVE-1999-1148

FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
25% (1) CWE-190 Integer Overflow or Wraparound
25% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
25% (1) CWE-20 Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

SAINT Exploits

Description Link
IIS Double Decoding Directory Traversal More info here
Microsoft IIS FTP Server NLST Command Remote Overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
61432 Microsoft IIS Colon Safe Extension NTFS ADS Filename Syntax Arbitrary Remote ...
57753 Microsoft IIS FTP Server Crafted Recursive Listing Remote DoS
57589 Microsoft IIS FTP Server NLST Command Remote Overflow
49899 Microsoft IIS iissext.dll Unspecified ActiveX SetPassword Method Remote Passw...
49730 Microsoft IIS ActiveX (adsiis.dll) GetObject Method Remote DoS
49059 Microsoft IIS IPP Service Unspecified Remote Overflow
35962 Microsoft Windows XP Registry QHEADLES Permission Weakness
13478 Microsoft MS01-014 / MS01-016 Patch Memory Leak DoS
13473 Microsoft IIS on FAT Partition Local ASP Source Disclosure
11157 Microsoft IIS FTP Service PASV Connection Saturation DoS
5693 Microsoft MS00-060 Patch IIS Malformed Request DoS
1826 Microsoft IIS Domain Guest Account Disclosure
1824 Microsoft IIS FTP DoS
568 Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
556 Microsoft IIS/PWS Encoded Filename Arbitrary Command Execution

OpenVAS Exploits

id Description
2009-10-15 Name : Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
File : nvt/secpod_ms09-053.nasl
2009-09-18 Name : Microsoft IIS FTP Server 'ls' Command DOS Vulnerability
File : nvt/secpod_ms_iis_ftpd_ls_dos_vuln.nasl
2009-09-02 Name : Microsoft IIS FTPd NLST stack overflow
File : nvt/microsoft-iis-nlst-stack-overflow.nasl
2008-10-15 Name : Windows Internet Printing Service Allow Remote Code Execution Vulnerability (...
File : nvt/secpod_ms08-062_900052.nasl
2005-11-03 Name : CodeRed version X detection
File : nvt/codered_x.nasl
2005-11-03 Name : IIS Remote Command Execution
File : nvt/iis_decode_bug.nasl
2005-11-03 Name : IIS .IDA ISAPI filter applied
File : nvt/iis_ida_isapi.nasl
2005-11-03 Name : IIS 5.0 WebDav Memory Leakage
File : nvt/iis_webdav_lock_memory_leak.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2009-B-0052 Microsoft FTP Service for Internet Information Services (IIS) Remote Code Exe...
Severity: Category I - VMSKEY: V0021742
2008-B-0075 Microsoft Internet Printing Service Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0017793

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 multiple decode attempt
RuleID : 970 - Type : WEB-IIS - Revision : 14
2014-01-10 Microsoft NLST * dos attempt
RuleID : 8481 - Type : PROTOCOL-FTP - Revision : 11
2014-01-10 httpodbc.dll access - nimda
RuleID : 3201 - Type : SERVER-IIS - Revision : 14
2014-01-10 NLST overflow attempt
RuleID : 2374-community - Type : PROTOCOL-FTP - Revision : 19
2014-01-10 NLST overflow attempt
RuleID : 2374 - Type : PROTOCOL-FTP - Revision : 19
2018-10-17 Multiple Products FTP MKD buffer overflow attempt
RuleID : 23055-community - Type : PROTOCOL-FTP - Revision : 10
2014-01-10 Multiple Products FTP MKD buffer overflow attempt
RuleID : 23055 - Type : PROTOCOL-FTP - Revision : 10
2014-01-10 MKD overflow attempt
RuleID : 1973-community - Type : PROTOCOL-FTP - Revision : 31
2014-01-10 MKD overflow attempt
RuleID : 1973 - Type : PROTOCOL-FTP - Revision : 31
2014-02-08 (http_inspect)webrootdirectorytraversal
RuleID : 18 - Type : - Revision : 2
2014-01-10 LIST globbing denial of service attack
RuleID : 15932 - Type : PROTOCOL-FTP - Revision : 9
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode andx attempt
RuleID : 14724 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX andx attempt
RuleID : 14723 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response unicode andx attempt
RuleID : 14722 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response andx attempt
RuleID : 14721 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX little endian andx attempt
RuleID : 14720 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response little endian andx attempt
RuleID : 14719 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response unicode little endian andx attempt
RuleID : 14718 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode little endian andx attempt
RuleID : 14717 - Type : NETBIOS - Revision : 12
2014-01-10 SMB spoolss EnumJobs response WriteAndX unicode attempt
RuleID : 14716 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response WriteAndX attempt
RuleID : 14715 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response unicode attempt
RuleID : 14714 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response attempt
RuleID : 14713 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response WriteAndX little endian attempt
RuleID : 14712 - Type : NETBIOS - Revision : 10
2014-01-10 SMB spoolss EnumJobs response little endian attempt
RuleID : 14711 - Type : NETBIOS - Revision : 10

Nessus® Vulnerability Scanner

id Description
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2009-10-13 Name: The remote anonymous FTP server seems vulnerable to an arbitrary code executi...
File: iis5_ftp_overflow.nasl - Type: ACT_DENIAL
2009-10-13 Name: The remote FTP server is affected by multiple vulnerabilities.
File: smb_nt_ms09-053.nasl - Type: ACT_GATHER_INFO
2008-10-15 Name: It is possible to execute arbitrary code on the remote host via the internet ...
File: smb_nt_ms08-062.nasl - Type: ACT_GATHER_INFO
2001-06-19 Name: The remote web server is affected by multiple vulnerabilities.
File: iis_isapi_overflow.nasl - Type: ACT_ATTACK
2001-05-15 Name: Arbitrary commands can be executed on the remote web server.
File: iis_decode_bug.nasl - Type: ACT_GATHER_INFO