Microsoft IIS Input Validation Directory Traversal (CVE-2000-0884)

A directory traversal vulnerability has been reported in Microsoft IIS. The vulnerability is due to an input validation error in Microsoft IIS that does not properly sanitize the URI for directory traversal patterns. Successful exploitation of this vulnerability would allow the attacker to execut...

Microsoft IIS Directory Traversal Vulnerability (MS00-078) - Active Check

Microsoft IIS is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

IIS Unicode Directory Traversal

Added: 07/03/2006 CVE: CVE-2000-0884 BID: 1806 OSVDB: 436 Background Microsoft IIS is a web server for Windows platforms. Problem Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%a...

IIS Unicode Directory Traversal

Added: 07/03/2006 CVE: CVE-2000-0884 BID: 1806 OSVDB: 436 Background Microsoft IIS is a web server for Windows platforms. Problem Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%a...

VulnCheck KEV: CVE-2000-0884

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability...

CVE-2000-0884

The CVE-2000-0884 entry describes a directory traversal/command execution vulnerability in Microsoft IIS 4.0 and 5.0. Public sources (SAINT, OpenVAS) confirm that by encoding invalid characters in Unicode (e.g., %c0%af) an attacker can bypass path validation and access the server’s filesystem fro...