CVE-1999-0561

CVSS 2.0 Score 10 of 10 (high)

Details

Published Jan 1, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0561 is a vulnerability affecting Microsoft's Internet Information Services (IIS) version 3. The issue stems from the server's enabling of the #exec function for Server Side Includes (SSI) files. This functionality allows the execution of external commands, potentially leading to remote code execution attacks if an attacker can craft a specially crafted SSI file. The vulnerability poses a significant risk, as IIS is a widely-used web server software. It is recommended that affected systems be updated to a patched version of IIS as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlNxR
https://www.cve.org/CVERecord?id=CVE-1999-0561
https://nvd.nist.gov/vuln/detail/CVE-1999-0561

Back to Vulnerability Database

CVE-1999-0561

CVSS 2.0 Score 10 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations