What is CVE-2001-0506?

CVE-2001-0506 is a vulnerability in N/a. Published 2002-03-09.

Is CVE-2001-0506 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privile…

EPSS: 0.776 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

20011127 IIS Server Side Include Buffer overflow exploit code (mailing-list, x_refsource_BUGTRAQ)
20010817 NSFOCUS SA2001-06 : Microsoft IIS ssinc.dll Buffer Overflow Vulnerability (mailing-list, x_refsource_BUGTRAQ)
3190 (vdb-entry, x_refsource_BID)
iis-ssi-directive-bo(6984) (vdb-entry, x_refsource_XF)
L-132 (government-resource, third-party-advisory, x_refsource_CIAC)
MS01-044 (x_refsource_MS, vendor-advisory)

Frequently asked questions

What is CVE-2001-0506?: CVE-2001-0506 is a vulnerability in N/a. Published 2002-03-09.
Is CVE-2001-0506 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.