cbcvebase.
CVE-2001-0986
published 2001-09-14

CVE-2001-0986: SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or…

PriorityP427medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
48.16%
98.7th percentile
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.

Affected

1 ranges
VendorProductVersion rangeFixed in
microsoftindex_server

Detection & IOCsextracted from sources · hover to see the quote

path\inetpub\iissamples\ISSamples\SQLQHit.asp
urlhttp://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=webinfo
urlhttp://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_fileinfo
urlhttp://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_webinfo
urlhttp://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=fileinfo
filenameSQLQHit.asp
  • Detect HTTP requests targeting the SQLQHit.asp sample file path with CiScope parameter set to any of the four disclosure values: webinfo, extended_fileinfo, extended_webinfo, or fileinfo.
  • Monitor HTTP access logs for requests to /iissamples/ISSamples/SQLQHit.asp with query strings containing CiColumns=* and any CiScope value, indicating active exploitation attempts.
  • ·The vulnerable SQLQHit.asp file is installed by default as part of IIS sample files; its mere presence on a production server indicates a misconfiguration/unmitigated exposure.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.