ID
VAR-199701-0039
CVE
CVE-1999-0253
TITLE
Microsoft Internet Information Services Security hole
Trust: 0.6
DESCRIPTION
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. Microsoft Internet Information Server (IIS) is a popular web server, providing support for a variety of scripting languages, including ASP (active server pages). This is accomplished by appending a period (.) to the end of a URL requesting a specific script, and applies to any file types in the "script-map list", including .asp, .ht., .id, .PL, and others. Consequences of exploitation vary depending on the site design, but commonly include details of directory structure on the web server, database passwords, and various other pieces of information that could then be used to mount further attacks. A Microsoft hotfix for this issue was released, but has been found vulnerable to a variation whereby the period is replaced by %2e, the hexadecimal encoding for the same character. (BugTraq ID 1814). Microsoft IIS will return the source code of various server side script files (such as ASP files) if the filename in the URL request contains a "%2e", the hex value for ".". For example, the following URL will display the source of the ASP file: http://target/file%2easp Source code disclosure could possibly yield sensitive information such as usernames and passwords
Trust: 1.44
AFFECTED PRODUCTS
| vendor: | microsoft | model: | internet information server | scope: | eq | version: | 3.0 | Trust: 1.6 |
| vendor: | microsoft | model: | internet information services | scope: | eq | version: | 1.0 | Trust: 1.0 |
| vendor: | microsoft | model: | internet information services | scope: | eq | version: | 2.0 | Trust: 1.0 |
| vendor: | microsoft | model: | iis | scope: | eq | version: | 3.0 | Trust: 0.6 |
| vendor: | microsoft | model: | internet information server | scope: | eq | version: | 2.0 | Trust: 0.6 |
| vendor: | microsoft | model: | internet information server | scope: | eq | version: | 1.0 | Trust: 0.6 |
| vendor: | microsoft | model: | iis | scope: | eq | version: | 2.0 | Trust: 0.3 |
| vendor: | microsoft | model: | iis | scope: | ne | version: | 5.0 | Trust: 0.3 |
| vendor: | microsoft | model: | iis | scope: | ne | version: | 4.0 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
network
Trust: 0.6
TYPE
other
Trust: 0.6
PATCH
| title: | Microsoft IIS Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134904 | Trust: 0.6 |
EXTERNAL IDS
| db: | BID | id: | 1814 | Trust: 2.2 |
| db: | NVD | id: | CVE-1999-0253 | Trust: 1.9 |
| db: | CNNVD | id: | CNNVD-199701-007 | Trust: 0.6 |
| db: | BID | id: | 2074 | Trust: 0.3 |
REFERENCES
| url: | http://www.securityfocus.com/bid/1814 | Trust: 1.9 |
| url: | http://support.microsoft.com/support/kb/articles/q163/4/85.asp | Trust: 0.3 |
| url: | http://support.microsoft.com/support/kb/articles/q164/0/59.asp | Trust: 0.3 |
CREDITS
Weld Pond※ weld@atstake.com
Trust: 0.6
SOURCES
| db: | BID | id: | 2074 |
| db: | BID | id: | 1814 |
| db: | CNNVD | id: | CNNVD-199701-007 |
| db: | NVD | id: | CVE-1999-0253 |
LAST UPDATE DATE
2024-08-14T15:31:23.458000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 2074 | date: | 1997-02-20T00:00:00 |
| db: | BID | id: | 1814 | date: | 2009-07-11T03:56:00 |
| db: | CNNVD | id: | CNNVD-199701-007 | date: | 2022-08-18T00:00:00 |
| db: | NVD | id: | CVE-1999-0253 | date: | 2022-08-17T06:15:12.670 |
SOURCES RELEASE DATE
| db: | BID | id: | 2074 | date: | 1997-02-20T00:00:00 |
| db: | BID | id: | 1814 | date: | 1997-03-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-199701-007 | date: | 1997-01-01T00:00:00 |
| db: | NVD | id: | CVE-1999-0253 | date: | 1997-01-01T05:00:00 |