Vulnerabilities > CVE-2003-1566 - Configuration vulnerability in Microsoft Internet Information Services 5.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

microsoft

CWE-16

exploit available

NVD

Published: 2009-01-15

Updated: 2017-08-08

Summary

Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Information Services 5.0	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

Exploit-Db

description	Microsoft IIS 5.0 Failure To Log Undocumented TRACK Requests Vulnerability. CVE-2003-1566. Remote exploit for windows platform
id	EDB-ID:23490
last seen	2016-02-02
modified	2003-12-29
published	2003-12-29
reporter	Parcifal Aertssen
source	https://www.exploit-db.com/download/23490/
title	Microsoft IIS 5.0 Failure To Log Undocumented TRACK Requests Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References