Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0770


Vulnerability Score 6.4 6.4
CVE Id CVE-2000-0770
Last Modified 07 Mar 2011 09:03:49
Published 20 Oct 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.

Vulnerable Systems


  • Microsoft Internet Information Server 4.0

  • Microsoft Internet Information Server 5.0


BID - 1565

MS - MS00-057

Last Updated: 27 May 2016 10:35:52