Vulnerabilities > CVE-2000-0886 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Microsoft IIS 4.0/5.0 Executable File Parsing Vulnerability. CVE-2000-0886. Remote exploit for windows platform |
id | EDB-ID:20384 |
last seen | 2016-02-02 |
modified | 2000-11-06 |
published | 2000-11-06 |
reporter | Nsfocus |
source | https://www.exploit-db.com/download/20384/ |
title | Microsoft IIS 4.0/5.0 Executable File Parsing Vulnerability |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS00-086.NASL |
description | The hotfix for the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10632 |
published | 2001-03-12 |
reporter | This script is Copyright (C) 2001-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10632 |
title | MS00-086: Webserver file request parsing (277873) |
code |
|
Oval
accepted | 2011-05-16T04:02:03.628-04:00 | ||||||||||||||||
class | vulnerability | ||||||||||||||||
contributors |
| ||||||||||||||||
description | IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability. | ||||||||||||||||
family | windows | ||||||||||||||||
id | oval:org.mitre.oval:def:191 | ||||||||||||||||
status | accepted | ||||||||||||||||
submitted | 2003-10-10T12:00:00.000-04:00 | ||||||||||||||||
title | IIS Web Server File Request Parsing | ||||||||||||||||
version | 32 |
References
- http://www.securityfocus.com/bid/1912
- http://www.securityfocus.com/templates/archive.pike?mid=143604&list=1&fromthread=0&end=2000-11-11&threads=0&start=2000-11-05&
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-086
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5470
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A191