CVE-2000-0246

The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...

CVE-2000-0004

ZBServer Pro allows remote attackers to read source code for executable files by inserting a . dot into the URL...

CVE-2000-0396

The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files...

CVSweb Detection

CVSweb is a web interface for a CVS repository. It allows users to browse through the history of the source code of a given project. If your environement contains sensitive source code, then access to this CGI should be password-protected. C Tenable Network Security, Inc. include"compat.inc";...

Microsoft FrontPage 98 Server Extensions for IIS Microsoft InterDev 1.0 - Filename Obfuscation

Microsoft FrontPage 98 Server Extensions for IIS Microsoft InterDev 1.0 - Filename Obfuscation source: https://www.securityfocus.com/bid/1108/info Two dlls dvwssr.dll and mtd2lv.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack include an obfuscation...

Microsoft IIS/PWS %2e Request ASP Source Disclosure

It is possible to get the source code of a remote ASP script by appending '%2e' to the end of the request. ASP source code usually contains sensitive information such as logins and passwords. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10363; scriptversion "1.35";...

More info on MS00-019

In usual tradition, little information is to be had about the "Virtualized UNC Share" problem talked about in MS00-019. Luckily, MS was nice enough to submit an extra post to Bugtraq to give Adam Coyne credit. Anyways, for those of you interested in the problem, making a request for a file with a...

ms00-019.info.txt

In usual tradition, little information is to be had about the "Virtualized UNC Share" problem talked about in MS00-019. Luckily, MS was nice enough to submit an extra post to Bugtraq to give Adam Coyne credit. Anyways, for those of you interested in the problem, making a request for a file with a...

Еще одна уязвимость в MS Index Server

С помощью запроса типа http://charon/null.htw?CiWebHitsFile=/default.asp20&CiRestriction=none&CiHiliteType=Full можно получить исходный текст .asp или любого другого скрипта...

Microsoft IIS WebHits null.htw .asp Source Disclosure

It is possible to get the source code of ASP scripts by issuing a specially crafted request. ASP source codes usually contain sensitive information such as usernames and passwords. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10356; scriptversion"1.44";...

Security Bulletin (MS00-019)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-019 - -------------------------------------- Patch...

Microsoft IIS 4.0 - UNC Mapped Virtual Host

MS Commercial Internet System 2.0/2.5,IIS 4.0,Proxy Server 2.0,Site Server Commerce Edition 3.0 UNC Mapped Virtual Host Vulnerability source: https://www.securityfocus.com/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "" appended to an ASP or HTR extension in a...

Microsoft IIS 4.0 - UNC Mapped Virtual Host

Microsoft IIS 4.0 - UNC Mapped Virtual Host MS Commercial Internet System 2.0/2.5,IIS 4.0,Proxy Server 2.0,Site Server Commerce Edition 3.0 UNC Mapped Virtual Host Vulnerability source: https://www.securityfocus.com/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "...

CVE-2000-0025

IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability...

CVE-2000-0149

Zeus web server allows remote attackers to view the source code for CGI programs via a null character %00 at the end of a URL...

asp.runtime-error.txt

Forwarded with permission of the author. Please direct all replies to [email protected]. Ben Greenbaum Director of Site Content Security Focus http://www.securityfocus.com ---------- Forwarded message ---------- Description: ============ Active server pages ASP with runtime errors expose a security...

CVE-2000-0149

Zeus web server allows remote attackers to view the source code for CGI programs via a null character %00 at the end of a URL...

CVE-1999-0283

The CVE-1999-0283 issue is described across connected records as a vulnerability in the Java Web Server where remote users could obtain the source code of CGI programs. The materials confirm the affected system (Java Web Server) and the exposure (source disclosure via remote access). No specific ...

CVE-1999-0253

Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...

CVE-1999-0286

In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages...