CVE-1999-1397

Currently unrated

Key Information:

Vendor: Microsoft
Status: Index Server
Vendor: CVE Published:; 23 March 1999

Summary

Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.

References

http://www.iss.net/security_center/static/7559.php

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=92242671024118&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=ntbugtraq&m=92223293409756&w=2

mailing-listx_refsource_NTBUGTRAQ

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Mar 23, 1999

Collectors

NVD DatabaseMitre Database