Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 IIS IDC Path Mapping Vulnerability

ID SSV:73180
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lists the absolute pathname of the "missing" .IDC file. 


will return:

Error Performing Query
Error processing file 'c:\inetpub\scripts\samples\hackme.idc'