Description

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.

Remediation

References

CVE-2000-0071

Related Vulnerabilities

WebLogic CVE-2022-21347 Vulnerability (CVE-2022-21347)

GSAP CVE-2020-28478 Vulnerability (CVE-2020-28478)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10402)

WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.7)

Severity

Medium

Classification

CVE-2000-0071

Tags

Missing Update Known Vulnerabilities