PT-1999-1808 · Microsoft · Internet Information Services+1

Published

1999-12-31

Updated

2008-09-05

CVE-1999-1591

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Information Services (IIS) server version 4.0 SP4

Description: The issue allows remote attackers to bypass authentication requirements under certain conditions, as demonstrated by connecting via Microsoft Visual InterDev 6.0, because the server does not require authentication credentials.

Recommendations: For Microsoft Internet Information Services (IIS) server version 4.0 SP4, apply the certain hotfixes released for SP4 to require authentication credentials and prevent bypassing of authentication requirements.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1591

Affected Products

Internet Information Services

Visual Interdev

PT-1999-1808 · Microsoft · Internet Information Services+1

CVE-1999-1591

Related Identifiers

Affected Products

References · 5