Sign-up

ID

VAR-200212-0467


CVE

CVE-2002-1744


TITLE

Microsoft IIS of CodeBrws.asp Vulnerable to directory traversal

Trust: 0.8

sources: JVNDB: JVNDB-2002-000094

DESCRIPTION

Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Microsoft IIS 5.0 There is a problem with disclosing the source of a file. Microsoft IIS 5.0 Contains sample files for demonstration purposes. These demonstration sample files are .asp , .inc , .htm , .html Etc. and exist under the web root directory. IIS 5.0 of Internet Service Manager One of the sample programs used by codebrws.asp There is a file called. codebrws.asp There is a flaw in the handling of Unicode characters in the URL, so using this file may allow an attacker to obtain the source of the file that exists under the web root directory. You can get the source .html , .htm , .asp , .inc Limited to files with the above extensions. Default setting IIS 5.0 So remotely codebrws.asp Since it is not possible to access, only local attacks will succeed unless the setting is changed intentionally.Please refer to the “Overview” for the impact of this vulnerability. However, this script (CodeBrws.asp) does not adequately filter unicode representations of directory traversals. For example, an attacker can break out of the sample script directory by substituting '%c0%ae%c0%ae' for '..' in a dot-dot-slash directory traversal attack. It has been demonstrated that this issue may be exploited to map out the directory structure of the filesystem on a host running the vulnerable script. This may allow an attacker to view, for example, .aspx files used by the .NET architecture. If used in conjunction with the issues discussed in BID 4525, this may expose files outside of the sample script directory

Trust: 2.16

sources: NVD: CVE-2002-1744 // JVNDB: JVNDB-2002-000094 // BID: 4525 // BID: 4543

AFFECTED PRODUCTS

vendor:microsoftmodel:internet information servicesscope:eqversion:5.0

Trust: 1.6

vendor:microsoftmodel:iisscope:eqversion:5.0

Trust: 1.4

vendor:microsoftmodel:internet information serverscope:eqversion:5.0

Trust: 0.6

sources: BID: 4525 // BID: 4543 // JVNDB: JVNDB-2002-000094 // CNNVD: CNNVD-200212-845 // NVD: CVE-2002-1744

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1744
value: MEDIUM

Trust: 1.0

NVD: CVE-2002-1744
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200212-845
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2002-1744
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2002-000094 // CNNVD: CNNVD-200212-845 // NVD: CVE-2002-1744

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1744

THREAT TYPE

network

Trust: 0.6

sources: BID: 4525 // BID: 4543

TYPE

Input Validation Error

Trust: 0.6

sources: BID: 4525 // BID: 4543

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2002-000094

PATCH
title:Top Pageurl:http://www.microsoft.com/ja/jp/default.aspx
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2002-000094

EXTERNAL IDS
db:BIDid:4525
Trust: 3.0
db:NVDid:CVE-2002-1744
Trust: 2.4
db:BIDid:4543
Trust: 1.1
db:JVNDBid:JVNDB-2002-000094
Trust: 0.8
db:XFid:8853
Trust: 0.6
db:NSFOCUSid:2598
Trust: 0.6
db:CNNVDid:CNNVD-200212-845
Trust: 0.6
sources:
            
            
            BID: 4525 // 
            
            
            
            BID: 4543 // 
            
            
            
            JVNDB: JVNDB-2002-000094 // 
            
            
            
            CNNVD: CNNVD-200212-845 // 
            
            
            
            NVD: CVE-2002-1744

REFERENCES
url:http://www.securityfocus.com/bid/4525
Trust: 3.4
url:http://online.securityfocus.com/archive/1/267945
Trust: 2.0
url:http://online.securityfocus.com/archive/1/268065
Trust: 2.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/8853
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1744
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1744
Trust: 0.8
url:http://www.securityfocus.com/bid/4543
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/8853
Trust: 0.6
url:http://www.nsfocus.net/vulndb/2598
Trust: 0.6
url:http://online.securityfocus.com/bid/4525
Trust: 0.3
sources:
            
            
            BID: 4543 // 
            
            
            
            JVNDB: JVNDB-2002-000094 // 
            
            
            
            CNNVD: CNNVD-200212-845 // 
            
            
            
            NVD: CVE-2002-1744

CREDITS
H D Moore※ hdm@metasploit.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200212-845

SOURCES
db:BIDid:4525
db:BIDid:4543
db:JVNDBid:JVNDB-2002-000094
db:CNNVDid:CNNVD-200212-845
db:NVDid:CVE-2002-1744

LAST UPDATE DATE
2024-11-22T23:12:09.475000+00:00

SOURCES UPDATE DATE
db:BIDid:4525date:2002-04-16T00:00:00
db:BIDid:4543date:2002-04-18T00:00:00
db:JVNDBid:JVNDB-2002-000094date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200212-845date:2005-10-20T00:00:00
db:NVDid:CVE-2002-1744date:2024-11-20T23:42:00.783

SOURCES RELEASE DATE
db:BIDid:4525date:2002-04-16T00:00:00
db:BIDid:4543date:2002-04-18T00:00:00
db:JVNDBid:JVNDB-2002-000094date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200212-845date:2002-04-16T00:00:00
db:NVDid:CVE-2002-1744date:2002-12-31T05:00:00