ID

VAR-200010-0022


CVE

CVE-2000-0770


TITLE

IIS Access restriction bypass vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200010-114

DESCRIPTION

IIS 4.0 and 5.0 do not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. Due to an error in canonicalization affecting CGI scripts and ISAPI extensions, incorrect permissions may be applied to a given file on a web server following a malformed HTTP request. This allows a user to perform actions on CGI or ISAPI-mapped files, including reading or executing, which would normally be denied. This does not apply to files in virtual folders. The correct file is located, but is concluded to be in a location different from its actual folder. Depending on the exact nature of the malformed URL, the file may inherit the permissions of any parent folder in the file's path.

Trust: 1.17

sources: NVD: CVE-2000-0770 // BID: 1565

AFFECTED PRODUCTS

vendor: microsoft | model: internet information server | scope: eq | version: 4.0

Trust: 1.6

vendor: microsoft | model: internet information services | scope: eq | version: 5.0

Trust: 1.6

vendor: microsoft | model: internet information server | scope: eq | version: 5.0

Trust: 0.6

vendor: microsoft | model: iis | scope: eq | version: 5.0

Trust: 0.3

vendor: microsoft | model: iis alpha | scope: eq | version: 4.0

Trust: 0.3

vendor: microsoft | model: iis | scope: eq | version: 4.0

Trust: 0.3

sources: BID: 1565 // CNNVD: CNNVD-200010-114 // NVD: CVE-2000-0770

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-0770
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200010-114
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2000-0770
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

sources: CNNVD: CNNVD-200010-114 // NVD: CVE-2000-0770

PROBLEMTYPE DATA

problemtype: NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0770

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200010-114

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200010-114

EXTERNAL IDS

db: BID | id: 1565

Trust: 1.9

db: NVD | id: CVE-2000-0770

Trust: 1.6

db: MS | id: MS00-057

Trust: 0.6

db: CNNVD | id: CNNVD-200010-114

Trust: 0.6

sources: BID: 1565 // CNNVD: CNNVD-200010-114 // NVD: CVE-2000-0770

REFERENCES

url:http://www.securityfocus.com/bid/1565

Trust: 1.6

url:http://www.microsoft.com/technet/security/bulletin/ms00-057.asp

Trust: 1.2

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-057

Trust: 1.0

url:http://www.microsoft.com/technet/security/bulletin/fq00-057.asp

Trust: 0.3

sources: BID: 1565 // CNNVD: CNNVD-200010-114 // NVD: CVE-2000-0770

CREDITS

Discovered by Burt Abreu & Søren Skov of VBExplorer.com.

Trust: 0.3

sources: BID: 1565

SOURCES

db: BID | id: 1565
db: CNNVD | id: CNNVD-200010-114
db: NVD | id: CVE-2000-0770

LAST UPDATE DATE

2024-08-14T14:48:21.196000+00:00


SOURCES UPDATE DATE

db: BID | id: 1565 | date: 2000-08-10T00:00:00
db: CNNVD | id: CNNVD-200010-114 | date: 2005-10-12T00:00:00
db: NVD | id: CVE-2000-0770 | date: 2018-10-30T16:25:10.357

SOURCES RELEASE DATE

db: BID | id: 1565 | date: 2000-08-10T00:00:00
db: CNNVD | id: CNNVD-200010-114 | date: 2000-10-20T00:00:00
db: NVD | id: CVE-2000-0770 | date: 2000-10-20T04:00:00