Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0770

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2000-0770
Last Modified 07 Mar 2011 09:03:49
Published 20 Oct 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0770

Summary

IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.

Vulnerable Systems

Application

  • Microsoft Internet Information Server 4.0

  • Microsoft Internet Information Server 5.0


References

BID - 1565

MS - MS00-057


Last Updated: 27 May 2016 10:35:52