CVE Vulnerabilities

CVE-1999-1538

Published: Jan 14, 1999 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator’s password.

Affected Software

Name Vendor Start Version End Version
Internet_information_server Microsoft 4.0 4.0

References