CVE-2000-0098

3 documents3 sources

Severity

5.0MEDIUM

EPSS

82.7%

top 0.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Index Server

Timeline

PublishedJan 26

Latest updateApr 30

Description

Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/index_server2.0

🔴Vulnerability Details

GHSA

GHSA-q6jm-fjc7-97gj: Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does n↗2022-04-30

▶

CVEList

CVE-2000-0098: Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does n↗2000-03-22

▶