Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Information Services 安全漏洞
Vulnerability Description
Microsoft Internet Information Services(IIS)是美国微软(Microsoft)公司的一款适用于Windows Server平台的Web服务器。 Microsoft Internet Information Services 4.x和5.x版本的CGI实现过程中存在安全漏洞。远程攻击者可借助HTTP头消息中的‘ ’字符利用该漏洞修改任意大写的环境变量。
CVSS Information
N/A
Vulnerability Type
N/A