Vulnerabilities > CVE-1999-0253 - Unspecified vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
nessus
Summary
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Nessus
| NASL family | Web Servers |
| NASL id | ASP_SOURCE_DOT.NASL |
| description | It is possible to get the source code of a remote ASP script by appending |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10363 |
| published | 2000-04-10 |
| reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10363 |
| title | Microsoft IIS/PWS %2e Request ASP Source Disclosure |