← back
CVE-1999-1538

CVE-1999-1538

EPSS 25.5%
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/19147unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=91638375309890&w=2http://marc.info/?l=ntbugtraq&m=91632724913080&w=2http://www.securityfocus.com/bid/189