Details of VAR-199912-0052

ID

VAR-199912-0052

CVE

CVE-1999-1233

TITLE

IIS Restrict access vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199912-180

DESCRIPTION

IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. Any subsequent requests will be denied

Trust: 1.17

sources: NVD: CVE-1999-1233 // BID: 657

AFFECTED PRODUCTS

vendor:	microsoft	model:	internet information server	scope:	eq	version:	4.0	Trust: 1.6
vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	commercial internet system	scope:	eq	version:	2.5	Trust: 0.3

sources: BID: 657 // CNNVD: CNNVD-199912-180 // NVD: CVE-1999-1233

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-1233
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-199912-180
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-1999-1233
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0

sources: CNNVD: CNNVD-199912-180 // NVD: CVE-1999-1233

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1233

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199912-180

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199912-180

EXTERNAL IDS

db:	BID	id:	657	Trust: 1.9
db:	NVD	id:	CVE-1999-1233	Trust: 1.6
db:	MSKB	id:	241562	Trust: 0.6
db:	XF	id:	3306	Trust: 0.6
db:	MS	id:	MS99-039	Trust: 0.6
db:	CNNVD	id:	CNNVD-199912-180	Trust: 0.6

sources: BID: 657 // CNNVD: CNNVD-199912-180 // NVD: CVE-1999-1233

REFERENCES

url:	http://support.microsoft.com/support/kb/articles/q241/5/62.asp	Trust: 1.9
url:	http://www.securityfocus.com/bid/657	Trust: 1.6
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039	Trust: 1.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/3306	Trust: 1.0
url:	http://xforce.iss.net/static/3306.php	Trust: 0.6
url:	http://www.microsoft.com/technet/security/bulletin/ms99-039.asp	Trust: 0.6
url:	http://www.microsoft.com/technet/security/bulletin/fq99-039.asp	Trust: 0.3

sources: BID: 657 // CNNVD: CNNVD-199912-180 // NVD: CVE-1999-1233

CREDITS

This was first publicized in Microsoft Security Bulletin MS99-039, released September 23, 1999.

Trust: 0.3

sources: BID: 657

SOURCES

db:	BID	id:	657
db:	CNNVD	id:	CNNVD-199912-180
db:	NVD	id:	CVE-1999-1233

LAST UPDATE DATE

2024-08-14T15:31:22.221000+00:00

SOURCES UPDATE DATE

db:	BID	id:	657	date:	1999-09-23T00:00:00
db:	CNNVD	id:	CNNVD-199912-180	date:	2005-10-12T00:00:00
db:	NVD	id:	CVE-1999-1233	date:	2018-10-12T21:29:23.403

SOURCES RELEASE DATE

db:	BID	id:	657	date:	1999-09-23T00:00:00
db:	CNNVD	id:	CNNVD-199912-180	date:	1999-12-31T00:00:00
db:	NVD	id:	CVE-1999-1233	date:	1999-12-31T05:00:00