Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0167Microsoft Internet Information Server vulnerability

5 documents4 sources
Severity
2.1LOWNVD
EPSS
0.2%
top 58.57%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Information Server
Timeline
PublishedFeb 15
Latest updateApr 30

Description

IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-gmg7-xp25-93hp: IIS Inetinfo2022-04-30
CVEList
CVE-2000-0167: IIS Inetinfo2000-02-23

💥Exploits & PoCs

2
Exploit-DB
Michael Lamont Savant Web Server 2.1/3.0 - Remote Buffer Overflow2000-07-03
Exploit-DB
Microsoft IIS 4.0 - Pickup Directory Denial of Service2000-02-15
CVE-2000-0167 — Microsoft vulnerability | cvebase