Vulnerability in Microsoft Internet Information Services (IIS) Server 4.0 SP4
CVE-1999-1591

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Interdev; Internet Information Server
Vendor: CVE Published:; 31 December 1999

What is CVE-1999-1591?

The Microsoft Internet Information Services (IIS) Server version 4.0 SP4, when lacking specific hotfixes, permits unauthorized access by not enforcing authentication requirements under certain conditions. This flaw can be exploited by remote attackers to gain access without the need for credentials, particularly through tools like Microsoft Visual InterDev 6.0, highlighting significant security implications for users and administrators.

References

http://archives.neohapsis.com/archives/ntbugtraq/1998-199...

mailing-listx_refsource_NTBUGTRAQ

http://www.securityfocus.com/bid/190

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/ntbugtraq/1998-199...

mailing-listx_refsource_NTBUGTRAQ

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 1999