CVE-1999-0777

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Sep 23, 1999

Updated: Nov 20, 2024

CWE ID 264

Summary

CVE-1999-0777 is a vulnerability affecting Microsoft's Internet Information Services (IIS) FTP servers. This issue allows unauthorized remote users to read or delete files on the server, even if those files are assigned "No Access" permissions. An attacker can take advantage of a flaw in the way IIS handles FTP directory listings to bypass access restrictions and gain unintended file manipulation capabilities. This vulnerability poses a significant risk to data confidentiality and integrity on affected IIS FTP servers.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlMKt
https://www.cve.org/CVERecord?id=CVE-1999-0777
https://nvd.nist.gov/vuln/detail/CVE-1999-0777

Back to Vulnerability Database