See also

MICROSOFT : Internet Information Server 6.0

MICROSOFT : Internet Information Server 5.1

MICROSOFT : Internet Information Server 4.0

Name: MICROSOFT : Internet Information Server 5.0

7!	Microsoft Internet Information Server DoS updated since 18.12.2005
		Request like http://www.example.com/_vti_bin/.dll/*\~0 for virtual folders with CGI execution enabled causes server to crash and potentially leads to code execution.
6!	Microsoft IS error pages information leak
		Request variable SERVER_NAME controllable by client is used to validate server access.
6!	Multiple FTP servers path globbing DoS updated since 16.03.2001
		Command like ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* causes server to hang.
6!	Microsoft WebDAV XML DoS
		Large number of attributes in requests causes resource exhaustion.
	Internet explorer (and others) CA certificate attack updated since 15.08.2002
		For intermediate CA only signature is checked, missed check for basic constaint allows to use any valid certificate as CA certificate.
7!	Microsoft Internet Information Services multiple bugs updated since 29.05.2003
		Windows Media Services DoS, Crossite scripting, local buffer overflows, DoS through WebDAV.
8!	Microsoft IIS WebDav buffer overflow updated since 18.03.2003
		Buffer overflow in path conversion routine.
	Microsoft IIS local ASP DoS
		Insertion of oversized header line via Response.AddHeader causes server to crash.
	Microsoft IIS .idc crossite scripting
		On oversized URL error message contains URL without modification.
6!	Buffer overflow in Microsoft FrontPage SmartHTML
		Buffer overflow in shtml.dll
	Mail relaying via IIS SMTP service
		Unauthorized mail relayin then using speciall address format.
7!	Buffer overflow in Microsoft IIS HTR
		Buffer overflow on chunk-encoded POST request.
8!	Multiple bugs in Microsoft Internet Information Server updated since 10.04.2002
		Multiple buffer overflows, crossite scripting, DoS.
	DoS через Content-Length в Microsoft IIS
6!	Повышение привилегий в IIS (privelege escalation) updated since 16.08.2001
	DoS против обработчика ASP в IIS (ASP special device name DoS)
	Переполнение буфера в FrontPage Server Extensions (RAD buffer overflow) updated since 23.06.2001
	DoS против IIS (malformed WebDav request) updated since 11.03.2001
8!	Дырка в IIS (double decoding directory traversal) updated since 15.05.2001
9!	Дырка в IIS 5 (Internet Printing Protocol buffer overflow) updated since 03.05.2001
	DoS против IIS 5.0 (Malformed URL)
	Дырка в HTR-файлах IIS updated since 11.05.2000
6!	DoS против IIS (format string)
	DoS против IIS через FrontPage Server Extensions (Web Form Submission) updated since 22.12.2000
6!	Дырка в IIS (File Request Parsing) updated since 08.11.2000
	Компрометация сервера через URL (URL javascript) updated since 22.08.2000
	Уявзвимость в IIS при обработке HTW (.htw URL script)
	Проблемы с Secure Session Id в IIS
7!	Заткнута дырка в IIS (File Permission Canonicalization, Web Server Folder Traversal) updated since 12.08.2000
6!	Заткнута дырка в IIS (Specialized Header) updated since 15.08.2000
	Заткнута дырка в IIS updated since 15.07.2000
6!	DoS через расширения URL в IIS
6!	Заткнута очередная дырка в IIS
6!	Microsoft заткнул дырку в IIS