CVE-2002-1744

Name of the Vulnerable Software and Affected Versions Microsoft IIS version 5.0

Description A directory traversal issue exists, allowing remote attackers to view source code and determine the existence of arbitrary files. This is achieved by using a hex-encoded string, %c0%ae%c0%ae, which represents the Unicode for ".." (dot dot).

Recommendations For Microsoft IIS version 5.0, update to a newer version to mitigate the risk, or as a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.