Description

IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.

Remediation

References

CVE-2000-0886

Related Vulnerabilities

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)

WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2)

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)

Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562)

Sqlite CVE-2015-5895 Vulnerability (CVE-2015-5895)

Severity

High

Classification

CVE-2000-0886

Tags

Missing Update Known Vulnerabilities