Search
Keyword: troj_iis.alien
"/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot). Microsoft IIS 5.1 Trend Micro Deep Security shields networks through Deep
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
CVE-1999-1011 The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. Microsoft IIS 4.0,Microsoft IIS 5.0
CVE-2001-0333 Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. Microsoft IIS
CVE-1999-0449 The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp
CVE-1999-0736 The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. Microsoft IIS 4.0 Trend Micro Deep Security shields networks through Deep Packet
/_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. Microsoft IIS 5.1 Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense
CVE-1999-1376 Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. Microsoft IIS 4.0 Trend Micro Deep Security shields
CVE-1999-0407 By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
CVE-1999-0737 The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. Microsoft IIS 4.0 Trend Micro Deep Security shields networks through Deep Packet
CVE-2000-0778 cve: IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header
CVE-1999-0874 Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. Microsoft IIS 4.0,Microsoft
specially crafted FTP command. FTP Service is not installed by default on IIS. More specifically, this update addresses the vulnerability by modifying the way that the IIS FTP Service handles specially
CVE-1999-0233 IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. Microsoft IIS 1.0 Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules.
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
Server API (ISAPI) with parameters greater than the allowed size, and arrives in the packet data. The IIS (Internet Information Service) attempts to process the bulk of the data, which then causes buffer
"Request Header Buffer Overflow Vulnerability." nvd: Per: http://www.microsoft.com/technet/security/Bulletin/MS10-065.mspx 'FastCGI is not enabled by default in IIS.' microsoft iis 7.5 Apply associated Trend
CVE-2002-1310 Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET
this advisory's vulnerability identifier(s): Vulnerability ID Identifier & Title IDF First Pattern Version IDF First Pattern Release Version CVE-2010-1899 1004396 - IIS Repeated Parameter Request Denial