Lucene search
HistoryJan 22, 2001 - 5:00 a.m.
CVE-2000-0884
cve-2000-0884
iis 4.0
iis 5.0
remote attackers
unicode
web server folder traversal
arbitrary commands
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.938 High
EPSS
Percentile
99.1%
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the “Web Server Folder Traversal” vulnerability.
Affected configurations
Node
microsoftinternet_information_serverMatch4.0
ORmicrosoftinternet_information_servicesMatch5.0
References
Social References
More
Related
openvas
openvas
IIS directory traversal
2005-11-03 00:00:00
Microsoft IIS Directory Traversal Vulnerability (MS00-078) - Active Check
2009-03-16 00:00:00
Microsoft IIS Directory Traversal Vulnerability (MS00-078) - Active Check
2005-11-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft IIS Input Validation Directory Traversal (CVE-2000-0884)
2014-03-17 00:00:00
Microsoft IIS EXE W32 Storm Worm Command Execution - Ver2 (CVE-2000-0884)
2014-04-16 00:00:00
nvd
nvd
CVE-2000-0884
2000-12-19 05:00:00
saint
saint
IIS Unicode Directory Traversal
2006-07-03 00:00:00
IIS Unicode Directory Traversal
2006-07-03 00:00:00
IIS Unicode Directory Traversal
2006-07-03 00:00:00
cvelist
cvelist
CVE-2000-0884
2001-01-22 05:00:00
cert
cert
nessus
nessus
Microsoft IIS Unicode Remote Command Execution
2000-10-18 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.938 High
EPSS
Percentile
99.1%
Related for CVE-2000-0884