Details of VAR-199901-0177

ID

VAR-199901-0177

CVE

CVE-1999-1538

TITLE

Microsoft IIS 4.0 Remotely Web management ism.dll Files can be exploited by brute force vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-199901-040

DESCRIPTION

When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. Web-based administration for IIS 4.0 is, by default, limited to the local loopback address, 127.0.0.1. In instances where IIS4.0 was installed as an upgrade to IIS 2.0 or 3.0, a legacy ISAPI DLL (ISM.DLL) is left in the /scripts/iisadmin directory. An attacker may call this DLL via the following syntax: http://www.server.com/scripts/iisadmin/ism.dll?http/dir This URL prompts the user for a username/password to access the remote administration console

Trust: 1.17

sources: NVD: CVE-1999-1538 // BID: 189

AFFECTED PRODUCTS

vendor:	microsoft	model:	internet information server	scope:	eq	version:	4.0	Trust: 1.6
vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	iis	scope:	ne	version:	3.0	Trust: 0.3
vendor:	microsoft	model:	iis	scope:	ne	version:	2.0	Trust: 0.3

sources: BID: 189 // CNNVD: CNNVD-199901-040 // NVD: CVE-1999-1538

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-1538
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-199901-040
value:	LOW
Trust: 0.6

nvd@nist.gov:	CVE-1999-1538
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0

sources: CNNVD: CNNVD-199901-040 // NVD: CVE-1999-1538

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1538

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-199901-040

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-199901-040

EXTERNAL IDS

db:	NVD	id:	CVE-1999-1538	Trust: 1.9
db:	BID	id:	189	Trust: 1.9
db:	NTBUGTRAQ	id:	19990114 MS IIS 4.0 SECURITY ADVISORY	Trust: 0.6
db:	NSFOCUS	id:	3434	Trust: 0.6
db:	NSFOCUS	id:	3377	Trust: 0.6
db:	NSFOCUS	id:	3434※3377	Trust: 0.6
db:	BUGTRAQ	id:	19990114 MS IIS 4.0 SECURITY ADVISORY	Trust: 0.6
db:	CNNVD	id:	CNNVD-199901-040	Trust: 0.6

sources: BID: 189 // CNNVD: CNNVD-199901-040 // NVD: CVE-1999-1538

REFERENCES

url:	http://www.securityfocus.com/bid/189	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=91638375309890&w=2	Trust: 1.0
url:	http://marc.info/?l=ntbugtraq&m=91632724913080&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=ntbugtraq&m=91632724913080&w=2	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=91638375309890&w=2	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/3434※3377	Trust: 0.6

sources: CNNVD: CNNVD-199901-040 // NVD: CVE-1999-1538

CREDITS

David Litchfield※ dlitchfield@atstake.com

Trust: 0.6

sources: CNNVD: CNNVD-199901-040

SOURCES

db:	BID	id:	189
db:	CNNVD	id:	CNNVD-199901-040
db:	NVD	id:	CVE-1999-1538

LAST UPDATE DATE

2024-08-14T13:51:37.942000+00:00

SOURCES UPDATE DATE

db:	BID	id:	189	date:	2009-07-11T00:16:00
db:	CNNVD	id:	CNNVD-199901-040	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-1999-1538	date:	2016-10-18T02:05:41.660

SOURCES RELEASE DATE

db:	BID	id:	189	date:	1999-01-14T00:00:00
db:	CNNVD	id:	CNNVD-199901-040	date:	1999-01-14T00:00:00
db:	NVD	id:	CVE-1999-1538	date:	1999-01-14T05:00:00