Vulnerabilities > CVE-1999-1591 - Authentication vulnerability in Microsoft VisualInterDev 6.0 - IIS4- Management With No
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |