ID OSVDB:1170Type osvdbReporter OSVDBModified 1999-12-28T00:00:00
Description
No description provided by the source
References:
Microsoft Security Bulletin: MS99-061
Microsoft Knowledge Base Article: Q246401
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0488.html
Keyword: aka the "Escape Character Parsing" vulnerability
ISS X-Force ID: 3731
CVE-2000-0024
Bugtraq ID: 886
{"title": "Microsoft IIS Escape Character URL Access Bypass", "published": "1999-12-28T00:00:00", "references": [], "type": "osvdb", "enchantments": {"score": {"value": 5.2, "vector": "NONE", "modified": "2017-04-28T13:19:55"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2000-0024"]}], "modified": "2017-04-28T13:19:55"}, "vulnersScore": 5.2}, "cvelist": ["CVE-2000-0024"], "viewCount": 2, "affectedSoftware": [], "hash": "6aca290695f953cc99780b3b032ab5beb0a7e7fcbebb12709099cf3ab07babe8", "id": "OSVDB:1170", "modified": "1999-12-28T00:00:00", "history": [], "href": "https://vulners.com/osvdb/OSVDB:1170", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "385070754077064f35dbb7384fe75c49", "key": "cvelist"}, {"hash": "74ae407306a397b0a0ad358180716883", "key": "cvss"}, {"hash": "509b6bc0a84b926ccb5599997a6ec64c", "key": "description"}, {"hash": "c1dc7cc0f195f78df5574972bbbfec2c", "key": "href"}, {"hash": "6460977faa2cd87138daf963f662e921", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6460977faa2cd87138daf963f662e921", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "955b328dc7cd615c13af5464c9183464", "key": "reporter"}, {"hash": "e854686621488f5d8beea8b54091337a", "key": "title"}, {"hash": "1327ac71f7914948578f08c54f772b10", "key": "type"}], "objectVersion": "1.2", "edition": 1, "description": "# No description provided by the source\n\n## References:\nMicrosoft Security Bulletin: MS99-061\nMicrosoft Knowledge Base Article: Q246401\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q4/0488.html\nKeyword: aka the \"Escape Character Parsing\" vulnerability\nISS X-Force ID: 3731\n[CVE-2000-0024](https://vulners.com/cve/CVE-2000-0024)\nBugtraq ID: 886\n", "bulletinFamily": "software", "reporter": "OSVDB", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/", "score": 6.4}, "lastseen": "2017-04-28T13:19:55"}
{"cve": [{"lastseen": "2019-05-29T18:07:36", "bulletinFamily": "NVD", "description": "IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the \"Escape Character Parsing\" vulnerability.", "modified": "2018-10-12T21:29:00", "id": "CVE-2000-0024", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0024", "published": "1999-12-21T05:00:00", "title": "CVE-2000-0024", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}]}
