Vulnerabilities > CVE-1999-0407 - Unspecified vulnerability in Microsoft Internet Information Server 4.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

nessus

NVD

Published: 1999-02-09

Updated: 2016-10-18

Summary

By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Information Server 4.0	1

Nessus

NASL family	Web Servers
NASL id	IIS_AUTHENTIFICATION_MANAGER.NASL
description	Microsoft IIS installs the
last seen	2020-06-01
modified	2020-06-02
plugin id	10371
published	2000-04-15
reporter	This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10371
title	Microsoft IIS /iisadmpwd/aexp2.htr Password Policy Bypass

Summary

Vulnerable Configurations

Nessus

References