IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 01:55
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 1999-12-21 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2000-0025
Mitre link : CVE-2000-0025
CVE.ORG link : CVE-2000-0025
JSON object : View
Products Affected
microsoft
- site_server
- internet_information_server
- site_server_commerce
CWE