Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0507

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0507
Last Modified 05 Sep 2008 04:24:17
Published 20 Sep 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0507

Summary

IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.

Vulnerable Systems

Application

  • Microsoft Internet Information Server 5.0


References

MS - MS01-044

XF - iis-relative-path-privilege-elevation(6985)

OSVDB - 5607

CIAC - L-132

BUGTRAQ - 20010816 ENTERCEPT SECURITY ALERT: Privilege Escalation Vulnerability in Microsoft IIS


Last Updated: 27 May 2016 10:36:18