Vulnerabilities > CVE-2002-1744 - Unspecified vulnerability in Microsoft Internet Information Services 5.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Microsoft IIS 5.0 CodeBrws.ASP Source Code Disclosure Vulnerability. CVE-2002-1744. Remote exploit for windows platform |
id | EDB-ID:21385 |
last seen | 2016-02-02 |
modified | 2002-04-16 |
published | 2002-04-16 |
reporter | H D Moore |
source | https://www.exploit-db.com/download/21385/ |
title | Microsoft IIS 5.0 CodeBrws.ASP Source Code Disclosure Vulnerability |