Description

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.

Remediation

References

CVE-1999-0154

Related Vulnerabilities

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3966)

WordPress Plugin RSVPMaker SQL Injection (9.2.6)

WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5)

e107 Other Vulnerability (CVE-2010-2098)

Oracle Database Server CVE-2007-5515 Vulnerability (CVE-2007-5515)

Severity

Medium

Classification

CVE-1999-0154

Tags

Missing Update Known Vulnerabilities