CVE-2000-0770
First published: Fri Oct 13 2000(Updated: )
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Information Services | =5.0 | |
| Microsoft Internet Information Server | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/microsoft
- product/internet information services
- product/internet information server
- collector/nvd-index
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/weakness
- agent/references
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- canonical/microsoft internet information services
- version/microsoft internet information services/5.0
- canonical/microsoft internet information server
- version/microsoft internet information server/4.0