PT-1999-1834 · Microsoft · Iis+1
Publicado
1999-12-21
·
Atualizado
2018-10-12
·
CVE-2000-0025
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
IIS versions 4.0
Site Server versions 3.0
Description:
The issue allows remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes certain extensions.
Recommendations:
For IIS version 4.0, rename virtual directories to avoid using extensions such as .com, .exe, .sh, .cgi, or .dll.
For Site Server version 3.0, rename virtual directories to avoid using extensions such as .com, .exe, .sh, .cgi, or .dll.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Iis
Site Server