Home » Hacking News » Microsoft IIS 5.1 Frontpage Server Extensions File Source Disclosure Vulnerab

Microsoft IIS 5.1 Frontpage Server Extensions File Source Disclosure Vulnerab

by Nikola Strahija on February 14th, 2002 An issue in IIS has been reported which could allow for a remote attacker to reveal the source of a Frontpage Server Extension file. Allegedly, submitting a request using '../' character sequences followed by the path to a known FPSE file, will cause the host to reveal the source of the requested file.

Microsoft has not confirmed the existence of these vulnerabilities.

* Confliciting details exist. This issue may be the result of a configuration error, although this has not been confirmed

Remote: Yes

Exploit: No exploit code required.

Vulnerable: Microsoft IIS 5.1

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Our online shop
Top sellers
New Items
Books
Software

Xatrix.org © Copyright 2001-2016, Xatrix Security . All Rights Reserved
Most hackers are young because young people tend to be adaptable. As long as you remain adaptable, you can always be a good hacker. - Emmanuel Goldstein

Users login

JOIN XATRIX

Microsoft IIS 5.1 Frontpage Server Extensions File Source Disclosure Vulnerab

Related articles

Advisories

Vulnerabilities

From the forum

Newsletter signup

Free E-books

Contact