Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2001-0500

EPSS 90.19% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2001-0500

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft IIS .IDA / .IDQ ISAPI扩展远程缓冲区溢出漏洞(MS01-033)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
微软IIS默认安装情况下带了一个索引服务器(Index Server,在Windows 2000下为"Index Service")。默认安装时,IIS支持两种脚本映射:管理脚本(.ida文件)、Internet数据查询脚本(.idq文件)。这两种脚本都由一个ISAPI扩展 - idq.dll来处理和解释。 idq.dll实现上存在一个缓冲区溢出漏洞,远程攻击者可以利用此漏洞通过溢出攻击以"Local System"的权限在主机上执行任意指令。 由于idq.dll在处理某些URL请求时存在一个未经检查的缓
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2001-0500

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2001-0500

登录查看更多情报信息。

Same Patch Batch · n/a · 2002-03-09 · 428 CVEs total

CVE-2001-0589NetScreen-10和Netscreen-100 NetScreen ScreenOS存在漏洞
CVE-2001-0625Computer Associates InoculateIT ftpdownload 安全漏洞
CVE-2001-0622Cisco Content Service交换机管理认证绕过漏洞
CVE-2001-0621Cisco Content Service交换机FTP访问控制漏洞
CVE-2001-0616Faust Informatics Freestyle Chat服务器服务拒绝漏洞
CVE-2001-0615Faust Informatics Freestyle Chat目录遍历漏洞
CVE-2001-0613Omnicron Technologies OmniHTTPD Professional拒绝服务漏洞
CVE-2001-0611Becky!特权提升漏洞
CVE-2001-0596Netscape Navigator 'about:'Domain信息泄露漏洞
CVE-2001-0595Solaris kcms_configure 缓冲区溢出漏洞
CVE-2001-0594Solaris kcms_configure获取额外特权漏洞
CVE-2001-0593Ananconda Partners Clipper文件泄露漏洞
CVE-2001-0591Oracle JSP和Oracle iAS Release目录遍历漏洞
CVE-2001-0590Apache Software Foundation Tomcat Servlet读取任意'jsp'文件的源代码漏洞
CVE-2001-0559Vixie cron特权提升漏洞
CVE-2001-0564APC Telnet管理服务拒绝漏洞
CVE-2001-0563ElectroSystems Engineering Inc. ElectroComm服务拒绝
CVE-2001-0560Vixie cron缓冲区溢出漏洞
CVE-2001-0565Solaris mailx -F缓冲区溢出漏洞
CVE-2001-0558T. Hauck Jana Webserver服务拒绝漏洞

Showing top 20 of 428 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2001-0500

No comments yet

Leave a comment