Vulnerabilities > CVE-2000-0951 - Unspecified vulnerability in Microsoft Internet Information Services 5.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability. CVE-2000-0951. Remote exploit for windows platform |
id | EDB-ID:20269 |
last seen | 2016-02-02 |
modified | 2000-10-04 |
published | 2000-10-04 |
reporter | David Litchfield |
source | https://www.exploit-db.com/download/20269/ |
title | Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability |
Nessus
NASL family | Web Servers |
NASL id | WEBDAV_IIS.NASL |
description | It is possible to retrieve the listing of the remote directories accessible via HTTP, rather than their index.html, using the Index Server service which provides WebDav capabilities to this server. This problem allows an attacker to gain more knowledge about the remote host, and may make him aware of hidden HTML files. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10526 |
published | 2000-10-05 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10526 |
title | Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing |
code |
|