VAR-200005-0005
Vulnerability from variot - Updated: 2025-04-03 22:26Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. The virtual directory within IIS 4.0 and 5.0 contains .htr files which permits users to change passwords remotely. If a user initiates a password change request containing malformed data, the server CPU becomes fully utilized until the administrator performs a reboot to regain normal functionality. The patch available for this issue creates a similar vulnerability which is exploited by appending %3F+.htr to a request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200005-0005",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "internet information server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "internet information services",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "internet information server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "iis alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
}
],
"sources": [
{
"db": "BID",
"id": "1191"
},
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cerberus Security Team\u203b CST@CERBERUS-INFOSEC.CO.UK",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
}
],
"trust": 0.6
},
"cve": "CVE-2000-0304",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0304",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0304",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200005-036",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the \"Undelimited .HTR Request\" vulnerability. The virtual directory within IIS 4.0 and 5.0 contains .htr files which permits users to change passwords remotely. If a user initiates a password change request containing malformed data, the server CPU becomes fully utilized until the administrator performs a reboot to regain normal functionality. \nThe patch available for this issue creates a similar vulnerability which is exploited by appending %3F+.htr to a request",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0304"
},
{
"db": "BID",
"id": "1191"
}
],
"trust": 1.17
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1191",
"trust": 1.9
},
{
"db": "NVD",
"id": "CVE-2000-0304",
"trust": 1.6
},
{
"db": "MS",
"id": "MS00-031",
"trust": 0.6
},
{
"db": "ISS",
"id": "20000511 MICROSOFT IIS REMOTE DENIAL OF SERVICE ATTACK",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3450",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200005-036",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "1191"
},
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"id": "VAR-200005-0005",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2025-04-03T22:26:28.548000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://xforce.iss.net/alerts/advise52.php3"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/1191"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031"
},
{
"trust": 0.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms00-031.mspx"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3450"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/fq00-031.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q260/0/69.asp"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/support/kb/articles/q260/8/38.asp"
}
],
"sources": [
{
"db": "BID",
"id": "1191"
},
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "1191"
},
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-05-10T00:00:00",
"db": "BID",
"id": "1191"
},
{
"date": "2000-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"date": "2000-05-10T04:00:00",
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-05-10T00:00:00",
"db": "BID",
"id": "1191"
},
{
"date": "2005-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200005-036"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0304"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft IIS 4.0/5.0 deformity .HTR Request Denial of Service Attack Vulnerability (MS00-031)",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "1191"
},
{
"db": "CNNVD",
"id": "CNNVD-200005-036"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…