Remote File Exposure Vulnerability in Microsoft IIS and Site Server
CVE-1999-1451

Currently unrated

Key Information:

Vendor: Microsoft
Status: Site Server; Internet Information Server
Vendor: CVE Published:; 31 December 1999

Summary

The vulnerability exists within the Winmsdp.exe sample file in Microsoft Internet Information Services (IIS) 4.0 and Site Server 3.0, allowing remote attackers to gain unauthorized access to read arbitrary files stored on the server. This could potentially expose sensitive information or configuration files, leading to further attacks or compromises.

References

http://support.microsoft.com/support/kb/articles/q231/3/6...

vendor-advisoryx_refsource_MSKB

https://exchange.xforce.ibmcloud.com/vulnerabilities/3271

vdb-entryx_refsource_XF

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Dec 31, 1999