CVE-1999-1591

Currently unrated

Key Information:

Vendor
Microsoft
Status
Visual Interdev
Internet Information Server
Vendor
CVE Published:
31 December 1999

Summary

Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.

References

http://archives.neohapsis.com/archives/ntbugtraq/1998-199...
mailing-listx_refsource_NTBUGTRAQ
http://www.securityfocus.com/bid/190
vdb-entryx_refsource_BID
http://archives.neohapsis.com/archives/ntbugtraq/1998-199...
mailing-listx_refsource_NTBUGTRAQ

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

Collectors

NVD DatabaseMitre Database
.