Vulnerability in N/a

CVE-2000-0071

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.

EPSS: 0.714 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

20000113 SV: IIS still revealing paths for web directories (mailing-list, x_refsource_BUGTRAQ)
20000111 IIS still revealing paths for web directories (mailing-list, x_refsource_BUGTRAQ)