Vulnerabilities > CVE-1999-0386 - Unspecified vulnerability in Microsoft Frontpage and Personal web Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | MS FrontPage Personal WebServer 1.0/Personal Web Server 4.0 Directory Traversal. CVE-1999-0386. Remote exploit for windows platform |
| id | EDB-ID:19753 |
| last seen | 2016-02-02 |
| modified | 1996-01-17 |
| published | 1996-01-17 |
| reporter | kiborg |
| source | https://www.exploit-db.com/download/19753/ |
| title | Microsoft frontpage personal webserver 1.0/personal Web server 4.0 - Directory Traversal |
Nessus
| NASL family | CGI abuses |
| NASL id | MSPWS_DOTDOTDOT.NASL |
| description | It is possible to read any file on the remote system by prepending several dots before the file name. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10142 |
| published | 1999-06-22 |
| reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10142 |
| title | Microsoft Personal Web Server Multiple Dot Request Arbitrary File Access |