332 matches found
CVE-1999-0253
Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...
CVE-1999-0286
In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages...
CVE-1999-0253
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . dot in the URL...
CVE-1999-0286
The CVE describes a vulnerability in some NT web servers where appending a trailing space to a URL allows attackers to read the source of active pages, enabling complete confidentiality compromise. Documented by multiple sources (NVD, Red Hat, CVE list) with no publicly documented fix/version pro...
CVE-1999-0725
The affected product is Microsoft IIS. When IIS runs with a default language set to Chinese, Korean, or Japanese, a remote attacker can view the source code of certain files (described as the Double Byte Code Page issue). The Red Hat entry and other mirrors confirm the same behavior. The root c...
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page"...
Microsoft IIS 3.04.0 - Double Byte Code Page
Microsoft IIS 3.04.0 - Double Byte Code Page source: https://www.securityfocus.com/bid/477/info This vulnerability could allow a web site viewer to obtain the source code for .asp and similar files if the server's default language Input Locale is set to Chinese, Japanese or Korean. How this works...
Microsoft IIS 3.0/4.0 - Double Byte Code Page
source: https://www.securityfocus.com/bid/477/info This vulnerability could allow a web site viewer to obtain the source code for .asp and similar files if the server's default language Input Locale is set to Chinese, Japanese or Korean. How this works is as follows: IIS checks the extension of t...
Microsoft IIS 4.0 / Microsoft Site Server 3.0 - Showcode ASP
source: https://www.securityfocus.com/bid/167/info A sample Active Server Page ASP script installed by default on Microsoft's Internet Information Server IIS 4.0 gives remote users access to view any file on the same volume as the web server that is readable by the web server. IIS 4.0 installs a...
Microsoft IIS 3.04.0 - Using ASP and FSO To Read Server Files
Microsoft IIS 3.04.0 - Using ASP and FSO To Read Server Files source: https://www.securityfocus.com/bid/230/info The File System Object FSO may be called from an Active Server Page ASP to display files that exist outside of the web server's root directory. FSO allows calls to be made utilizing...
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Decrypt Pages
/ source: https://www.securityfocus.com/bid/275/info A vulnerability in ColdFusion allows pages encrypted with the CFCRYPT.EXE utility to be decrypted. ColdFusion supports the ability to "encrypt" the CFML templates in an application or component, using the CFCRYPT.EXE utility, so they can be...
Sun Java Web Server 1.1 Beta - Viewable .jhtml Source
source: https://www.securityfocus.com/bid/1891/info A vulnerability exists in Sun Microsystems' JavaWebServer for Win32, version 1.1Beta. JavaWebServer is a Java-oriented web application development platform. If a URL is submitted requesting a .jhtml file an HTML document with embedded Java sourc...