Vulnerabilities > CVE-1999-0154 - Unspecified vulnerability in Microsoft products

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

exploit available

NVD

Published: 1999-12-31

Updated: 2022-08-17

Summary

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.

Part	Description	Count
Application	Microsoft Microsoft Internet Information Server 3.0 Microsoft Internet Information Services 2.0	2

description	Microsoft IIS 2.0/3.0 Appended Dot Script Source Disclosure Vulnerability. CVE-1999-0154. Remote exploit for windows platform
id	EDB-ID:20481
last seen	2016-02-02
modified	1997-02-20
published	1997-02-20
reporter	Mark Joseph Edwards
source	https://www.exploit-db.com/download/20481/
title	Microsoft IIS 2.0/3.0 Appended Dot Script Source Disclosure Vulnerability