CVE-2000-0025
published 1999-12-21CVE-2000-0025: IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such…
medium5CVSS 3.1
AVNACLAuNCPINAN
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_information_server | — | — |
| microsoft | site_server | — | — |
| microsoft | site_server_commerce | — | — |