Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MS00-078 | First vendor Publication | N/A |
| Vendor | Microsoft | Last vendor Modification | N/A |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Web Server Folder Traversal Vulnerability |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:44 | |||
| Oval ID: | oval:org.mitre.oval:def:44 | ||
| Title: | IIS Web Server Folder Traversal | ||
| Description: | IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2000-0884 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Information Server (IIS) |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
SAINT Exploits
| Description | Link |
|---|---|
| IIS Unicode Directory Traversal | More info here |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-03-16 | Name : Microsoft MS00-078 security check File : nvt/remote-MS00-078.nasl |
| 2005-11-03 | Name : IIS directory traversal File : nvt/iis_dir_traversal.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 436 | Microsoft IIS Unicode Remote Command Execution Microsoft Internet Information Server (IIS) contain a flaw that allows a remote attacker to access any file or folder on the Web Server with "anonymous" access. The issue is due to IIS failing to handle Unicode characters in URI requests. By replacing slashes and backslashes with their Unicode equivilent, an attacker can bypass the sanity checks present in IIS that would normally filter and deny such requests. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | unicode directory traversal attempt RuleID : 983 - Revision : 13 - Type : WEB-IIS |
| 2014-01-10 | unicode directory traversal attempt RuleID : 982 - Revision : 13 - Type : WEB-IIS |
| 2014-01-10 | unicode directory traversal attempt RuleID : 981 - Revision : 13 - Type : WEB-IIS |
| 2014-01-10 | file copied ok RuleID : 497-community - Revision : 21 - Type : INDICATOR-COMPROMISE |
| 2014-01-10 | file copied ok RuleID : 497 - Revision : 21 - Type : INDICATOR-COMPROMISE |
| 2014-01-10 | command completed RuleID : 494-community - Revision : 21 - Type : INDICATOR-COMPROMISE |
| 2014-01-10 | command completed RuleID : 494 - Revision : 21 - Type : INDICATOR-COMPROMISE |
| 2014-01-10 | unicode directory traversal attempt RuleID : 1945 - Revision : 8 - Type : WEB-IIS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2003-03-12 | Name : The remote host is vulnerable to privilege escalation. File : smb_nt_ms02-001.nasl - Type : ACT_GATHER_INFO |
| 2000-10-18 | Name : Arbitrary code can be executed on the remote host. File : iis_dir_traversal.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:44:28 |
|
| 2014-01-19 21:29:44 |
|
