Description

By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.

Remediation

References

CVE-1999-0407

Related Vulnerabilities

WordPress Plugin Child Themes Helper Multiple Vulnerabilities (2.0)

PostgreSQL Other Vulnerability (CVE-2007-0555)

MySQL CVE-2023-21875 Vulnerability (CVE-2023-21875)

Sqlite Use of Uninitialized Resource Vulnerability (CVE-2015-3414)

WordPress Plugin Frontend File Manager Arbitrary File Upload (1.8)

Severity

Critical

Classification

CVE-1999-0407

Tags

Missing Update Known Vulnerabilities