CVE-1999-1538

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Jan 14, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1538 is a vulnerability affecting Internet Information Services (IIS) versions 2 and 3. When upgrading to IIS 4, ism.dll is inadvertently left in the /scripts/iisadmin directory. This file does not restrict access to the local machine, allowing unauthorized users to obtain sensitive server information, including the Administrator's password. This vulnerability poses a significant risk to system security and should be addressed promptly by removing the ism.dll file or securing the /scripts/iisadmin directory.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft IIS

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlYlW
https://www.cve.org/CVERecord?id=CVE-1999-1538
https://nvd.nist.gov/vuln/detail/CVE-1999-1538

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Know What Matters

For Customers

For Partners