Vulnerability in Microsoft Commercial_internet_system

CVE-1999-0777

IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.

EPSS: 0.120 (95.6th percentile) — read the EPSS interpretation.

Affected products

Microsoft Commercial_internet_system — versions 2.5
Microsoft Internet_information_server — versions 4.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (vendor-advisory, x_refsource_MSKB)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vendor-advisory, x_refsource_MSKB)
cve@mitre.org (x_refsource_MS, vendor-advisory)