Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2000-0304

EPSS 51.69% · P98
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2000-0304

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft IIS 4.0/5.0畸形.HTR请求拒绝服务攻击漏洞(MS00-031)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IIS是一款Windows NT/2000系统自带的的Web服务器软件,由Microsoft公司开发维护。IIS支持对一些特定文件名后缀(如.ASP、.IDC、.HTR)的文件请求执行进一步的处理,当服务器接到此类文件的请求时,每种后缀的文件由一个特定的DLL文件处理。ISM.DLL用于处理.HTR、.STM、.IDC为后缀的文件请求。 IIS在处理畸形的.htr请求时会导致服务器CPU占用率100%,必须重新启动才能恢复功能。 包含在虚拟目录中的.htr程序允许用户远程更改口令。如果用户提交一个畸形的更
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2000-0304

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2000-0304

登录查看更多情报信息。

Same Patch Batch · n/a · 2000-07-12 · 140 CVEs total

CVE-2000-0417Cayman 3220-H DSL路由器DoS漏洞
CVE-2000-0452Lotus Domino Server ESMTP远程缓冲区溢出漏洞
CVE-2000-0442Qualcomm Qpopper 'EUIDL'格式字符串输入漏洞
CVE-2000-0441AIX文件系统漏洞
CVE-2000-0439Microsoft Internet Explorer 安全漏洞
CVE-2000-0438Multiple Linux 供应商fdmount缓冲区溢出漏洞
CVE-2000-0437Gauntlet防火墙远程缓冲区溢出漏洞
CVE-2000-0436MetaProducts Offline Explorer目录遍历漏洞
CVE-2000-0435Allmanage管理员密码检索漏洞
CVE-2000-0432calender.pl/calendar_admin.pl脚本远程执行任意命令漏洞
CVE-2000-0431Cobalt RaQ2和RaQ3访问控制漏洞
CVE-2000-0428InterScan VirusWall 文件名转换器缓冲区溢出漏洞
CVE-2000-0427Aladdin Knowledge Systems eToken PIN Extraction 漏洞
CVE-2000-0425L-Soft Listserv 1.8 Web Archives的缓冲区溢出漏洞
CVE-2000-0424George Burgyan CGI Counter输入验证漏洞
CVE-2000-0421Bugzilla远程任意命令这些漏洞
CVE-2000-0419Microsoft Office 2000 UA Control漏洞
CVE-2000-0418Cayman 3220H DSL路由器 "ping of death"漏洞
CVE-2000-0404Microsoft Windows Computer Browser重置漏洞
CVE-2000-0402Microsoft SQL Server 7.0系统管理员密码泄露漏洞

Showing top 20 of 140 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2000-0304

No comments yet

Leave a comment