Vulnerabilities > Microsoft > Internet Information Services > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0422 | Information Exposure vulnerability in Microsoft Internet Information Services 5.0 IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header. | 2.6 |
2001-10-30 | CVE-2001-0544 | Denial of Service vulnerability in Microsoft Internet Information Services 5.0 IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. | 2.1 |
2000-07-13 | CVE-2000-0649 | Information Exposure vulnerability in Microsoft products IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined. | 2.6 |