Vulnerabilities > CVE-1999-0360 - Unspecified vulnerability in Microsoft Site Server 2.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

microsoft

nessus

exploit available

NVD

Published: 1999-01-30

Updated: 2016-10-18

Summary

MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Site Server 2.0	1

Exploit-Db

description	Microsoft Site Server 2.0 with IIS 4.0 Malicious File Upload Vulnerability. CVE-1999-0360. Remote exploit for windows platform
id	EDB-ID:20305
last seen	2016-02-02
modified	1999-01-30
published	1999-01-30
reporter	Mnemonix
source	https://www.exploit-db.com/download/20305/
title	Microsoft Site Server 2.0 with IIS 4.0 - File Upload Vulnerability

Nessus

NASL family	Web Servers
NASL id	IIS_REPOST_ASP.NASL
description	The script
last seen	2020-06-01
modified	2020-06-02
plugin id	10372
published	2000-04-15
reporter	This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10372
title	Microsoft IIS repost.asp File Upload

References

http://marc.info/?l=bugtraq&m=91763097004101&w=2