VAR-200109-0117
Vulnerability from variot - Updated: 2025-04-03 20:33Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. A buffer overflow in the code that processes server-side include files on IIS 4.0 and IIS 5.0 could allow an intruder to execute code with the privileges of the web server. Microsoft IIS Implemented in SSI The function handles file names including path names to be included DLL Contains a vulnerability that causes a buffer overflow.Local System An arbitrary code may be executed with the execution right
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200109-0117",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "internet information server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "internet information services",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "iis",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "internet information server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#630531"
},
{
"db": "BID",
"id": "3190"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:microsoft:iis",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was reported by the NSFocus Security Team.",
"sources": [
{
"db": "BID",
"id": "3190"
}
],
"trust": 0.3
},
"cve": "CVE-2001-0506",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2001-0506",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#630531",
"trust": 0.8,
"value": "12.66"
},
{
"author": "NVD",
"id": "CVE-2001-0506",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200109-088",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#630531"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the \"SSI privilege elevation\" vulnerability. A buffer overflow in the code that processes server-side include files on IIS 4.0 and IIS 5.0 could allow an intruder to execute code with the privileges of the web server. Microsoft IIS Implemented in SSI The function handles file names including path names to be included DLL Contains a vulnerability that causes a buffer overflow.Local System An arbitrary code may be executed with the execution right",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0506"
},
{
"db": "CERT/CC",
"id": "VU#630531"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"db": "BID",
"id": "3190"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3190",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2001-0506",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#630531",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130",
"trust": 0.8
},
{
"db": "XF",
"id": "6984",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20010817 NSFOCUS SA2001-06 : MICROSOFT IIS SSINC.DLL BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011127 IIS SERVER SIDE INCLUDE BUFFER OVERFLOW EXPLOIT CODE",
"trust": 0.6
},
{
"db": "CIAC",
"id": "L-132",
"trust": 0.6
},
{
"db": "MS",
"id": "MS01-044",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#630531"
},
{
"db": "BID",
"id": "3190"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"id": "VAR-200109-0117",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2025-04-03T20:33:55.929000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS01-044",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/Security/Bulletin/ms01-044.asp"
},
{
"title": "MS01-044",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/MS01-044.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.securityfocus.com/bid/3190"
},
{
"trust": 1.7,
"url": "http://www.microsoft.com/technet/security/bulletin/ms01-044.asp"
},
{
"trust": 1.6,
"url": "http://www.ciac.org/ciac/bulletins/l-132.shtml"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/archive/1/242541"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6984"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=99802093532233\u0026w=2"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;q301625"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0506"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0506"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/6984.php"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=99802093532233\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security"
},
{
"trust": 0.3,
"url": "http://www.nsfocus.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#630531"
},
{
"db": "BID",
"id": "3190"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#630531"
},
{
"db": "BID",
"id": "3190"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-07-13T00:00:00",
"db": "CERT/CC",
"id": "VU#630531"
},
{
"date": "2001-08-15T00:00:00",
"db": "BID",
"id": "3190"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"date": "2001-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"date": "2001-09-20T04:00:00",
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-07-13T00:00:00",
"db": "CERT/CC",
"id": "VU#630531"
},
{
"date": "2001-08-15T00:00:00",
"db": "BID",
"id": "3190"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000130"
},
{
"date": "2005-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200109-088"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-0506"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "3190"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Information Server (IIS) vulnerable to buffer overflow via malformed server-side include directive",
"sources": [
{
"db": "CERT/CC",
"id": "VU#630531"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200109-088"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…