Lucene search
K

30 matches found

exploitpack
exploitpack
added 2000/03/31 12:0 a.m.21 views

Microsoft Index Server 2.0 - %20 ASP Source Disclosure

Microsoft Index Server 2.0 - %20 ASP Source Disclosure source: https://www.securityfocus.com/bid/1084/info Index Server can be used to cause IIS to display the source of .asp and possibly other server-side processed files. By appending a space %20 to the end of the filename specified in the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/03/30 12:0 a.m.622 views

Security Bulletin (MS00-019)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-019 - -------------------------------------- Patch...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2000/03/22 5:0 a.m.30 views

CVE-2000-0025

IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability...

6.8AI score0.34852EPSS
Exploits0References3
CVE
CVE
added 2000/02/04 5:0 a.m.83 views

CVE-1999-0253

Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...

7.5CVSS6.9AI score0.07952EPSS
Exploits0References1Affected Software2
Packet Storm
Packet Storm
added 2000/01/28 12:0 a.m.49 views

iis4.webhits.txt

Cerberus Information Security Advisory CISADV000126 http://www.cerberus-infosec.co.uk/advisories.html Released : 26th January 2000 Name : Webhits.dll buffer truncation Affected Systems: Microsoft Windows NT 4 running Internet Information Server 4 All service Packs Issue : Attackers can access fil...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.54 views

ms.iis4.showcode.txt

L0pht Security Advisory ------------- URL Origin: http://www.l0pht.com/advisories.html Release Date: May 7th, 1999 Application: Microsoft IIS 4.0 Web Server Severity: Web users can view ASP source code and other sensitive files on the web server Author: [email protected] Operating Sys: Microsoft NT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/02/11 12:0 a.m.34 views

Microsoft IIS 3.0/4.0 - Using ASP and FSO To Read Server Files

source: https://www.securityfocus.com/bid/230/info The File System Object FSO may be called from an Active Server Page ASP to display files that exist outside of the web server's root directory. FSO allows calls to be made utilizing "../" to exit the local directory path. An example of this synta...

7.4AI score
Exploits0
NVD
NVD
added 1998/06/01 4:0 a.m.26 views

CVE-1999-0278

In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL...

5CVSS0.64814EPSS
Exploits0References2
exploitpack
exploitpack
added 1998/01/01 12:0 a.m.16 views

Microsoft IIS 3.04.0 Microsoft Personal Web Server 2.03.04.0 - ASP Alternate Data Streams

Microsoft IIS 3.04.0 Microsoft Personal Web Server 2.03.04.0 - ASP Alternate Data Streams source: https://www.securityfocus.com/bid/149/info Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA t...

Exploits0
Exploit DB
Exploit DB
added 1998/01/01 12:0 a.m.35 views

Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams

source: https://www.securityfocus.com/bid/149/info Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA to an asp being requested, the ASP source will be returned, instead of executing the ASP. F...

7.4AI score
Exploits0
Rows per page
Query Builder