PT-2000-1809 · Microsoft · Iis

Published

2000-12-19

Updated

2018-10-30

CVE-2000-0886

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions IIS version 5.0

Description The issue allows remote attackers to execute arbitrary commands by sending a malformed request for an executable file whose name is appended with operating system commands.

Recommendations For IIS version 5.0, update to a newer version that includes a fix for this issue to prevent remote attackers from executing arbitrary commands.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0886

Affected Products

Iis

PT-2000-1809 · Microsoft · Iis

CVE-2000-0886

Related Identifiers

Affected Products

References · 8