var-199909-0007
Vulnerability from variot
IIS FTP servers may allow a remote attacker to read or delete files on the server, even when the files carry "No Access" permissions. IIS 4.0 FTP servers on which a specific post-SP5 FTP hotfix has been installed are vulnerable to an exploit whereby FTP clients may download such files. Web browser FTP clients may be able to view and/or download these files, while specially crafted requests from non-browser-based FTP clients may be able to delete them. This vulnerability only affects IIS 4.0 servers running NT 4.0 SP5 with a specific post-SP5 hotfix for an FTP get error, as described in http://support.microsoft.com/support/kb/articles/Q237/9/87.ASP . Microsoft states there are no negative ramifications to applying the corrective hotfix to SP4 or SP5 hosts that have not installed the previously referenced FTP hotfix. To see if you are vulnerable, check the file version of Ftpsvc.dll. Versions 0718 through 0722 are thought to be vulnerable, although Microsoft documentation is unclear as to whether the vulnerable versions start with 0718 or 0719. Version 0724 is the version installed by the latest hotfix. The hotfix designed to correct this problem was not released in time for NT 4.0 Service Pack 6, which was still upcoming when this advisory was written. Service Pack 6 contains the "buggy" hotfix and will be vulnerable to this error when it is released. It will be necessary to install the corresponding corrective hotfix after installing Service Pack 6, regardless of whether or not the Service Pack 5 installation was vulnerable.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-199909-0007", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "commercial internet system", "scope": "eq", "trust": 1.9, "vendor": "microsoft", "version": "2.5" }, { "model": "internet information server", "scope": "eq", "trust": 1.6, "vendor": "microsoft", "version": "4.0" }, { "model": "iis", "scope": "eq", "trust": 
0.3, "vendor": "microsoft", "version": "4.0" } ], "sources": [ { "db": "BID", "id": "658" }, { "db": "CNNVD", "id": "CNNVD-199909-041" }, { "db": "NVD", "id": "CVE-1999-0777" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This information was first made public in an advisory from Microsoft \u003cMS99-039\u003e. Microsoft credits Roberto Franceschetti for discovering this vulnerability.", "sources": [ { "db": "BID", "id": "658" }, { "db": "CNNVD", "id": "CNNVD-199909-041" } ], "trust": 0.9 }, "cve": "CVE-1999-0777", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-1999-0777", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-1999-0777", "trust": 1.0, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-199909-041", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNNVD", "id": 
"CNNVD-199909-041" }, { "db": "NVD", "id": "CVE-1999-0777" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have \"No Access\" permissions. IIS 4.0 FTP servers which have installed a specific post SP5 FTP hotfix are vulnerable to an exploit whereby FTP clients may download. Web browser FTP clients may be able to view and/or download these files, while specially crafted requests from non-browser based FTP clients may be able to delete these files. \nThis vulnerability only affects IIS 4.0 servers running NT 4.0 SP5 with a specific post SP5 hotfix for an FTP get error as described in \u003chttp://support.microsoft.com/support/kb/articles/Q237/9/87.ASP \u003e. Microsoft states there are no negative ramifications to applying this hotfix to SP4 or SP5 hosts who have not installed the previously referenced FTP hotfix. \nTo see if you are vulnerable, check the file version for Ftpsvc.dll. Versions 0718 through 0722 are thought to be vulnerable, although Microsoft documentation is unclear as to whether the vulnerable versions start with 0718 or 0719. Version 0724 represents the version installed by the latest hotfix. \nThe hotfix designed to correct this problem was not released in time for the upcoming NT 4.0 Service Pack 6. Service Pack 6 contains the \"buggy\" hotfix and will be vulnerable to this error when it is released. 
It will be necessary to install the corresponding hotfix after installing Service Pack 6, regardless of whether or not the Service Pack 5 installation was vulnerable", "sources": [ { "db": "NVD", "id": "CVE-1999-0777" }, { "db": "BID", "id": "658" } ], "trust": 1.17 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "658", "trust": 1.9 }, { "db": "NVD", "id": "CVE-1999-0777", "trust": 1.6 }, { "db": "MSKB", "id": "Q242559", "trust": 0.6 }, { "db": "MSKB", "id": "Q241407", "trust": 0.6 }, { "db": "MS", "id": "MS99-039", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-199909-041", "trust": 0.6 } ], "sources": [ { "db": "BID", "id": "658" }, { "db": "CNNVD", "id": "CNNVD-199909-041" }, { "db": "NVD", "id": "CVE-1999-0777" } ] }, "id": "VAR-199909-0007", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 1.0 }, "last_update_date": "2024-11-22T23:00:47.603000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-1999-0777" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.securityfocus.com/bid/658" }, { "trust": 2.0, "url": 
"http://support.microsoft.com/default.aspx?scid=kb%3b%5bln%5d%3bq241407" }, { "trust": 2.0, "url": "http://support.microsoft.com/default.aspx?scid=kb%3b%5bln%5d%3bq242559" }, { "trust": 2.0, "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039" }, { "trust": 0.6, "url": "http://www.microsoft.com/technet/security/bulletin/ms99-039.asp" }, { "trust": 0.6, "url": "http://support.microsoft.com/default.aspx?scid=kb;%5bln%5d;q242559" }, { "trust": 0.6, "url": "http://support.microsoft.com/default.aspx?scid=kb;%5bln%5d;q241407" }, { "trust": 0.3, "url": "http://support.microsoft.com/support/kb/articles/q241/8/05.asp" }, { "trust": 0.3, "url": "http://support.microsoft.com/support/kb/articles/q241/4/07.asp" }, { "trust": 0.3, "url": "http://www.microsoft.com/technet/security/bulletin/fq99-039.asp" }, { "trust": 0.3, "url": "http://support.microsoft.com/support/kb/articles/q237/9/87.asp" } ], "sources": [ { "db": "BID", "id": "658" }, { "db": "CNNVD", "id": "CNNVD-199909-041" }, { "db": "NVD", "id": "CVE-1999-0777" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "658" }, { "db": "CNNVD", "id": "CNNVD-199909-041" }, { "db": "NVD", "id": "CVE-1999-0777" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "1999-09-23T00:00:00", "db": "BID", "id": "658" }, { "date": "1999-09-23T00:00:00", "db": "CNNVD", "id": "CNNVD-199909-041" }, { "date": "1999-09-23T04:00:00", "db": "NVD", "id": "CVE-1999-0777" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "1999-09-23T00:00:00", "db": "BID", "id": "658" }, { "date": "2005-10-12T00:00:00", "db": "CNNVD", "id": "CNNVD-199909-041" }, { "date": "2024-11-20T23:29:26.817000", 
"db": "NVD", "id": "CVE-1999-0777" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-199909-041" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Microsoft IIS FTP NO ACCESS Read / delete File vulnerability", "sources": [ { "db": "CNNVD", "id": "CNNVD-199909-041" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-199909-041" } ], "trust": 0.6 } }