Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0336 — Microsoft Internet Information Server vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
15.8%
top 5.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Information Server
Timeline
PublishedJun 27
Latest updateApr 30

Description

The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-78qx-2576-5ph4: The Microsoft MS00-060 patch for IIS 5↗2022-04-30
â–¶
CVEList
CVE-2001-0336: The Microsoft MS00-060 patch for IIS 5↗2001-09-18
â–¶

💥Exploits & PoCs

1
Exploit-DB
Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026)↗2000-05-14
â–¶
CVE-2001-0336 — Microsoft vulnerability | cvebase