7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.05 Low
EPSS
Percentile
92.0%
Name | iis_doubledecode |
---|---|
CVE | CVE-2001-0333 Exploit Pack |
VENDOR: Microsoft | |
Notes: | |
The IIS Double Decode module will automatically use tftp to get a MOSDEF node on the remote target. | |
This will not work through a bounced win32 node (due to threading). |
Repeatability: Infinite
MSRC: http://www.microsoft.com/technet/security/Bulletin/MS01-026.mspx
MSADV: MS01-026
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0333
CVSS: 7.5