CVE-1999-1375
published 1999-02-11

Priority: P428
CVSS 2.0: 5 (medium), AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 30.55% (98.0th percentile)

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.

Affected

2 ranges
Vendor | Product | Version range | Fixed in
microsoft | internet_information_server | |
microsoft | internet_information_server | |

Detection & IOCs (extracted from sources)

url: http://www.server.foo/showfile.asp?file=../../global.asa
path: showfile.asp
  • Look for HTTP requests to showfile.asp containing a 'file' parameter with path traversal sequences (e.g., '../')
  • Monitor requests to showfile.asp where the 'file' parameter references sensitive files outside the web root, such as global.asa
  • Alert on attempts to read ASP source files or stream data into other ASP files via the FSO file parameter
  • Vulnerability is specific to IIS 3.0/4.0 deployments where FileSystemObject is enabled and called from showfile.asp
  • The FSO path traversal is not restricted to the web root, meaning any file accessible to the IIS process account can potentially be read
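
The detection bullets above, as an added example that is not part of the source entry or any vendor rule: a Python scan of IIS W3C extended log lines that flags showfile.asp requests whose file parameter contains a traversal segment or names an ASP source file, after undoing percent-encoding and backslash variants. The log lines are constructed, and the function names and the three-round decoding limit are assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed sample in W3C extended log layout (not real traffic).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
1999-02-12 10:01:07 192.0.2.10 GET /showfile.asp file=readme.txt 200
1999-02-12 10:01:09 192.0.2.44 GET /showfile.asp file=../../global.asa 200
1999-02-12 10:01:12 192.0.2.44 GET /ShowFile.asp file=..%5C..%5Cglobal.asa 200
1999-02-12 10:01:15 192.0.2.44 GET /showfile.asp file=%252e%252e%252fdefault.asp 200
1999-02-12 10:01:20 192.0.2.10 GET /default.asp - 200
"""

TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)")                # a ".." path segment
SOURCE_EXT = re.compile(r"\.(asp|asa)$", re.IGNORECASE)  # ASP source, global.asa

def normalize(value, rounds=3):
    """Percent-decode a few times (catches double encoding), unify slashes."""
    for _ in range(rounds):
        value = unquote(value)
    return value.replace("\\", "/")

def classify(stem, query):
    """Return the reasons a request matches the bullets above ([] if none)."""
    if not stem.lower().endswith("/showfile.asp"):
        return []
    reasons = []
    for key, raw in parse_qsl(query, keep_blank_values=True):
        if key.lower() == "file":
            name = normalize(raw)
            if TRAVERSAL.search(name):
                reasons.append("traversal")
            if SOURCE_EXT.search(name):
                reasons.append("asp-source")
    return reasons

def scan(log_text):
    """Return (client_ip, raw_query, reasons) for every suspicious line."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names for later rows
        elif line and not line.startswith("#"):
            rec = dict(zip(fields, line.split()))
            reasons = classify(rec.get("cs-uri-stem", ""), rec.get("cs-uri-query", ""))
            if reasons:
                hits.append((rec["c-ip"], rec["cs-uri-query"], reasons))
    return hits
```

Calling `scan(SAMPLE_LOG)` returns the three requests from 192.0.2.44 and skips the benign `readme.txt` and `/default.asp` lines.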