CVE

Id
359  
CVE No.
CVE-1999-0360  
Status
Candidate  
Description
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.  
Phase
Modified (20000530-01)  
Votes
ACCEPT(6) Blake, Cole, Collins, Landfield, Northcutt, Wall | MODIFY(3) Baker, Frech, LeBlanc | NOOP(4) Armstrong, Christey, Ozancin, Prosser  
Comments
Christey> I can"t find the original Bugtraq posting (it appears that | mnemonix discovered the problem). | LeBlanc> - if there was a fix or a KB article, I"d ACCEPT. A vuln based on a | BUGTRAQ posting we can"t find could be anything. | Baker> Vulnerability Reference (HTML) Reference Type | http://www.securityfocus.com/archive/1/12218 Misc Defensive InfoVulnerability Reference (HTML) Reference Type | THis is the URL for the Bugtraq posting. It was cross posted to | NT Bugtraq as well, but identical text. It was Mnemonix... | Christey> BID:1811 | URL:http://www.securityfocus.com/bid/1811 | Christey> CHANGEREF BUGTRAQ add "Server 2." to the subject. | Also standardize NTBUGTRAQ reference title. | Christey> Add "uploadn.asp" to the description. | CHANGE> [Frech changed vote from REVIEWING to MODIFY] | Frech> XF:siteserver-user-dir-permissions(5384)  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
752 359 CVE-1999-0360 BUGTRAQ:19990130 Security Advisory for Internet Information Server 4 with Site  View
753 359 CVE-1999-0360 URL:http://marc.info/?l=bugtraq&m=91763097004101&w=2  View

Related JVN