CVE-2000-0884

Sažetak

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

Reference

http://www.osvdb.org/436
http://www.securityfocus.com/bid/1806
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-078
https://exchange.xforce.ibmcloud.com/vulnerabilities/5377
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A44

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

30-10-2018 - 16:25

Objavljeno

19-12-2000 - 05:00