New Search

IIS Web Server Folder Traversal

oval:org.mitre.oval:def:44

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root and possibly execute arbitrary commands via malformed URLs that contain UNICODE encoded characters aka the "Web Server Folder Traversal" vulnerability.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2000-0884
Product(s):
  • Microsoft Internet Information Server (IIS)