Lucene search
HistoryJun 21, 2005 - 4:00 a.m.
CVE-2002-1717
iis
5.1
path information disclosure
cve-2002-1717
nvd
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf.
Affected configurations
Node
microsoftinternet_information_servicesMatch5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:internet_information_services | microsoft internet information services | eq | 5.1 |
Related
nessus
nessus
Microsoft IIS Multiple .cnf File Information Disclosure
2000-12-11 00:00:00
openvas
openvas
Microsoft IIS '.cnf' File Leakage Vulnerability - Active Check
2005-11-03 00:00:00
Check for IIS .cnf file leakage
2005-11-03 00:00:00
cvelist
cvelist
CVE-2002-1717
2005-06-21 04:00:00
nvd
nvd
CVE-2002-1717
2002-12-31 05:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
Related for CVE-2002-1717