Vulnerabilities > Microsoft > Internet Information Server > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-02-15 | CVE-2000-0167 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | 2.1 |
| 2000-02-02 | CVE-2000-0114 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. | 5.0 |
| 2000-01-26 | CVE-2000-0126 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. | 5.0 |
| 2000-01-11 | CVE-2000-0071 | Unspecified vulnerability in Microsoft products IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | 5.0 |
| 1999-12-31 | CVE-1999-1591 | Authentication vulnerability in Microsoft VisualInterDev 6.0 - IIS4- Management With No Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | 7.5 |
| 1999-12-31 | CVE-1999-1451 | Unspecified vulnerability in Microsoft Internet Information Server and Site Server The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. | 5.0 |
| 1999-12-31 | CVE-1999-1233 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. | 7.5 |
| 1999-12-31 | CVE-1999-1148 | Unspecified vulnerability in Microsoft Internet Information Server FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | 5.0 |
| 1999-12-31 | CVE-1999-1035 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | 5.0 |
| 1999-07-19 | CVE-1999-1011 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. | 10.0 |