Microsoft IIS UNC Mapped Virtual Host Source Disclosure

Medium Nessus Network Monitor Plugin ID 1583

Synopsis

The IIS web server allows the retrieval of ASP/HTR source code.

Description

The IIS web server allows the retrieval of ASP/HTR source code. An attacker can use this vulnerability to see how your pages interact and find holes in them to exploit.

Solution

Install the latest patches from Microsoft.

Plugin Details

Severity: Medium

ID: 1583

File Name: 1583.prm

Family: Web Servers

Published: 2004/08/20

Modified: 2016/12/12

Dependencies: 1724

Nessus ID: 11443

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2000-0246

BID: 1081

OSVDB: 7807