Vulnerabilities > CVE-2001-0986 - Unspecified vulnerability in Microsoft Index Server 2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Microsoft Index Server 2.0 File Information and Path Disclosure Vulnerability. CVE-2001-0986 . Remote exploit for windows platform |
| id | EDB-ID:21113 |
| last seen | 2016-02-02 |
| modified | 2001-09-14 |
| published | 2001-09-14 |
| reporter | Syed Mohamed |
| source | https://www.exploit-db.com/download/21113/ |
| title | Microsoft Index Server 2.0 File Information and Path Disclosure Vulnerability |