2 matches found
Microsoft IIS idq.dll Traversal Arbitrary File Access
There is a vulnerability in idq.dll which allows any remote user to read any file on the target system through the 'query.idq' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10115; scriptversion"1.38";...
Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006)
source: https://www.securityfocus.com/bid/968/info A vulnerability in idq.dll can allow an attacker to gain read access to any file on the same logical drive as the web server virtual root. The attacker has to know the physical path and filename of the requested file, and the ACL for the file mus...