CVE-1999-1538

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Jan 14, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1538 refers to a vulnerability in Internet Information Services (IIS) versions 2 and 3. When upgrading to IIS 4, the ism.dll file is unintentionally left in the /scripts/iisadmin directory. This file does not impose access restrictions to the local machine, enabling unauthorized users to infiltrate sensitive server information, including the Administrator's password. This vulnerability can lead to serious security implications if exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlYlW
https://www.cve.org/CVERecord?id=CVE-1999-1538
https://nvd.nist.gov/vuln/detail/CVE-1999-1538

Back to Vulnerability Database