Remote Code Execution Vulnerability in Microsoft Site Server 2.0
CVE-1999-0360

Currently unrated

Key Information:

Vendor: Microsoft
Status: Site Server
Vendor: CVE Published:; 30 January 1999

Summary

Microsoft Site Server 2.0, when paired with Internet Information Services (IIS) 4, has a serious flaw that permits unauthorized users to upload files, including Active Server Pages (ASP). This exploit can lead to the execution of arbitrary commands on the web server, posing a significant risk to the integrity and security of the hosted applications and data.

References

http://marc.info/?l=bugtraq&m=91763097004101&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Jan 30, 1999