Description

Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.

Remediation

References

CVE-2000-0304

Related Vulnerabilities

WordPress Plugin PitchPrint Arbitrary File Upload (7.2.1)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721)

Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0483)

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)

Apache Tomcat Improper Input Validation Vulnerability (CVE-2012-2733)

Severity

Medium

Classification

CVE-2000-0304

Tags

Missing Update Known Vulnerabilities