CVE-2000-0098

CVE-2000-0098 describes a path-disclosure vulnerability in Microsoft Index Server/IIS WebHits: remote attackers can determine the real path of a web directory by requesting non-existent Internet Data Query files. OpenVAS notes the issue in MS00-006 (WebHits ISAPI filter) and IDA/IDQ path disclosu...

CVE-2000-0126

CVE-2000-0126 affects Microsoft IIS 3 and 4 via the idq.dll component. The vulnerability enables remote attackers to read arbitrary files on the target system by exploiting a dot-dot ('..') traversal in the IDQ scripts, specifically through the query.idq parameter. The root cause is a traversal f...

CVE-2000-0126

Sample Internet Data Query IDQ scripts in IIS 3 and 4 allow remote attackers to read files via a .. dot dot attack...

CVE-2000-0098

Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist...

PT-2000-1112 · Microsoft · Iis

Name of the Vulnerable Software and Affected Versions: IIS versions 3 and 4 Description: The issue allows remote attackers to read files via a .. dot dot attack, potentially exposing sensitive information. This is made possible by sample Internet Data Query IDQ scripts in the affected IIS version...