Published: 30/03/2000 Updated: 30/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote malicious users to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft commercial internet system 2.5
microsoft internet information server 4.0
microsoft site server commerce 3.0
microsoft internet information services 5.0
microsoft proxy server 2.0
microsoft site server 3.0
microsoft commercial internet system 2.0

MS Commercial Internet System 20/25,IIS 40,Proxy Server 20,Site Server Commerce Edition 30 UNC Mapped Virtual Host Vulnerability source: wwwsecurityfocuscom/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "\" appended to an ASP or HTR extension in a URL request to that virtual host will cause Microsof ...

NVD-CWE-Other http://www.microsoft.com/technet/support/kb.asp?ID=249599 http://www.securityfocus.com/bid/1081 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019 https://nvd.nist.gov https://www.exploit-db.com/exploits/19824/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2000-0246

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect