ID

VAR-199701-0039


CVE

CVE-1999-0253


TITLE

Microsoft Internet Information Services Security hole

Trust: 0.6

sources: CNNVD: CNNVD-199701-007

DESCRIPTION

IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. Microsoft Internet Information Server (IIS) is a popular web server, providing support for a variety of scripting languages, including ASP (active server pages). This is accomplished by appending a period (.) to the end of a URL requesting a specific script, and applies to any file types in the "script-map list", including .asp, .ht., .id, .PL, and others. Consequences of exploitation vary depending on the site design, but commonly include details of directory structure on the web server, database passwords, and various other pieces of information that could then be used to mount further attacks. A Microsoft hotfix for this issue was released, but has been found vulnerable to a variation whereby the period is replaced by %2e, the hexadecimal encoding for the same character. (BugTraq ID 1814). Microsoft IIS will return the source code of various server side script files (such as ASP files) if the filename in the URL request contains a "%2e", the hex value for ".". For example, the following URL will display the source of the ASP file: http://target/file%2easp Source code disclosure could possibly yield sensitive information such as usernames and passwords

Trust: 1.44

sources: NVD: CVE-1999-0253 // BID: 2074 // BID: 1814

AFFECTED PRODUCTS

vendor:microsoftmodel:internet information serverscope:eqversion:3.0

Trust: 1.6

vendor:microsoftmodel:internet information servicesscope:eqversion:2.0

Trust: 1.0

vendor:microsoftmodel:internet information servicesscope:eqversion:1.0

Trust: 1.0

vendor:microsoftmodel:iisscope:eqversion:3.0

Trust: 0.6

vendor:microsoftmodel:internet information serverscope:eqversion:2.0

Trust: 0.6

vendor:microsoftmodel:internet information serverscope:eqversion:1.0

Trust: 0.6

vendor:microsoftmodel:iisscope:eqversion:2.0

Trust: 0.3

vendor:microsoftmodel:iisscope:neversion:5.0

Trust: 0.3

vendor:microsoftmodel:iisscope:neversion:4.0

Trust: 0.3

sources: BID: 2074 // BID: 1814 // CNNVD: CNNVD-199701-007 // NVD: CVE-1999-0253

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-0253
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199701-007
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-1999-0253
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

sources: CNNVD: CNNVD-199701-007 // NVD: CVE-1999-0253

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-0253

THREAT TYPE

network

Trust: 0.6

sources: BID: 2074 // BID: 1814

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199701-007

PATCH

title:Microsoft IIS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134904

Trust: 0.6

sources: CNNVD: CNNVD-199701-007

EXTERNAL IDS

db:BIDid:1814

Trust: 2.2

db:NVDid:CVE-1999-0253

Trust: 1.9

db:CNNVDid:CNNVD-199701-007

Trust: 0.6

db:BIDid:2074

Trust: 0.3

sources: BID: 2074 // BID: 1814 // CNNVD: CNNVD-199701-007 // NVD: CVE-1999-0253

REFERENCES

url:http://www.securityfocus.com/bid/1814

Trust: 2.9

url:http://support.microsoft.com/support/kb/articles/q163/4/85.asp

Trust: 0.3

url:http://support.microsoft.com/support/kb/articles/q164/0/59.asp

Trust: 0.3

sources: BID: 2074 // CNNVD: CNNVD-199701-007 // NVD: CVE-1999-0253

CREDITS

Weld Pond※ weld@atstake.com

Trust: 0.6

sources: CNNVD: CNNVD-199701-007

SOURCES

db:BIDid:2074
db:BIDid:1814
db:CNNVDid:CNNVD-199701-007
db:NVDid:CVE-1999-0253

LAST UPDATE DATE

2024-11-22T23:03:23.988000+00:00


SOURCES UPDATE DATE

db:BIDid:2074date:1997-02-20T00:00:00
db:BIDid:1814date:2009-07-11T03:56:00
db:CNNVDid:CNNVD-199701-007date:2022-08-18T00:00:00
db:NVDid:CVE-1999-0253date:2024-11-20T23:28:14.970

SOURCES RELEASE DATE

db:BIDid:2074date:1997-02-20T00:00:00
db:BIDid:1814date:1997-03-19T00:00:00
db:CNNVDid:CNNVD-199701-007date:1997-01-01T00:00:00
db:NVDid:CVE-1999-0253date:1997-01-01T05:00:00