CVE-1999-1397

Currently unrated

Key Information:

Vendor: Microsoft
Status: Index Server
Vendor: CVE Published:; 23 March 1999

Summary

Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.

References

http://www.iss.net/security_center/static/7559.php

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=92242671024118&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=ntbugtraq&m=92223293409756&w=2

mailing-listx_refsource_NTBUGTRAQ

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Mar 23, 1999