Mnemonix

11 exploits Active since Jan 1999
CVE-1999-0448 EXPLOITDB c WORKING POC
Internet Information Server 4.0 - URL Obfuscation via Long HTTP Request Method
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
CVE-1999-0360 EXPLOITDB text WORKING POC
MS Site Server 2.0 - Command Injection
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.
CVE-1999-0450 EXPLOITDB text WRITEUP
Internet Information Server - Path Disclosure via Perl Script Request
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
CVE-1999-1538 EXPLOITDB text WRITEUP
Internet Information Server 4 - Unauthenticated Sensitive Information Exposure via ism.dll
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
EIP-2026-117573 EXPLOITDB c WORKING POC
Microsoft Windows NT 4.0 - MSIEXEC Registry Permissions
EIP-2026-117576 EXPLOITDB c WORKING POC
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key
EIP-2026-115811 EXPLOITDB text WORKING POC
Microsoft Windows NT 4.0 - DCOM Server
CVE-2000-0126 EXPLOITDB text WRITEUP
Internet Information Server 3 and 4 - Path Traversal via IDQ Scripts
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
CVE-2000-0869 EXPLOITDB text WORKING POC
Apache HTTP Server 1.3.12 - Unauthenticated Directory Listing via WebDAV PROPFIND
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
CVE-1999-0467 EXPLOITDB text WRITEUP
Webcom CGI Guestbook - Info Disclosure
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter.
CVE-1999-0467 EXPLOITDB text WRITEUP
Webcom CGI Guestbook - Info Disclosure
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter.