Description

A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.

Remediation

References

CVE-2000-0951

Related Vulnerabilities

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6311)

IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-29844)

Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10735)

XWiki Missing Authorization Vulnerability (CVE-2022-23617)

Jetty Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-28163)

Severity

Medium

Classification

CVE-2000-0951

Tags

Missing Update Known Vulnerabilities