CVE-2000-0304 - OpenCVE

Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Internet Information Server Internet Information Services

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:internet_information_server:4.0:::::::*
	cpe:2.3:a:microsoft:internet_information_services:5.0:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/1191
http://xforce.iss.net/alerts/advise52.php3
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2000-07-12T04:00:00

Updated: 2005-11-02T10:00:00

Reserved: 2000-05-08T00:00:00

Link: CVE-2000-0304

JSON object: View

NVD Information

Status : Modified

Published: 2000-05-10T04:00:00.000

Modified: 2018-10-30T16:25:10.357

Link: CVE-2000-0304

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-05-10T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the \"Undelimited .HTR Request\" vulnerability."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1191", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1191"}, {"name": "MS00-031", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031"}, {"name": "20000511 Microsoft IIS Remote Denial of Service Attack", "tags": ["third-party-advisory", "x_refsource_ISS"], "url": "http://xforce.iss.net/alerts/advise52.php3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0304", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the \"Undelimited .HTR Request\" vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1191", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1191"}, {"name": "MS00-031", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031"}, {"name": "20000511 Microsoft IIS Remote Denial of Service Attack", "refsource": "ISS", "url": "http://xforce.iss.net/alerts/advise52.php3"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0304", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-05-08T00:00:00", "dateUpdated": "2005-11-02T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}