CVE-1999-1538

Internet Information Server 4 - Unauthenticated Sensitive Information Exposure via ism.dll

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1538. PoCs published by Mnemonix.

AI-analyzed exploit summary: This is a writeup describing an information leakage vulnerability in IIS 4.0 due to a legacy ISAPI DLL (ISM.DLL) left in the /scripts/iisadmin directory. An attacker can access the remote administration console via a specific URL, potentially gathering sensitive server configuration details.

Description

When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mnemonix · text · remote · windows
https://www.exploit-db.com/exploits/19147

Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Microsoft IIS 4.0
Auth required
Prerequisites: IIS 4.0 installed as an upgrade from IIS 2.0 or 3.0 · Legacy ISM.DLL present in /scripts/iisadmin directory
devstral-2 · analyzed Feb 16, 2026

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=91638375309890&w=2
Mailing List mailing-list x_refsource_ntbugtraq
http://marc.info/?l=ntbugtraq&m=91632724913080&w=2
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/189

Scores

EPSS 0.2546
EPSS Percentile 97.7%

Details

Status published
Products (1)
microsoft/internet_information_server 4.0
Published Jan 14, 1999
Tracked Since Feb 18, 2026