IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2000-03-22T05:00:00
Updated: 2024-08-08T04:58:11.523Z
Reserved: 2000-01-11T00:00:00
Link: CVE-2000-0025
Vulnrichment
No data.
NVD
Status : Modified
Published: 1999-12-21T05:00:00.000
Modified: 2024-11-20T23:31:33.197
Link: CVE-2000-0025
Redhat
No data.