Vulnerabilities > CVE-2001-0986 - File Information and Path Disclosure vulnerability in Microsoft Index Server 2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Microsoft Index Server 2.0 File Information and Path Disclosure Vulnerability. CVE-2001-0986 . Remote exploit for windows platform |
id | EDB-ID:21113 |
last seen | 2016-02-02 |
modified | 2001-09-14 |
published | 2001-09-14 |
reporter | Syed Mohamed |
source | https://www.exploit-db.com/download/21113/ |
title | Microsoft Index Server 2.0 File Information and Path Disclosure Vulnerability |