Arbitrary File Reading in Microsoft Index Server Through WebHits ISAPI Filter
CVE-2000-0097

Currently unrated

Key Information:

Vendor: Microsoft
Status: Index Server
Vendor: CVE Published:; 26 January 2000

Summary

The WebHits ISAPI filter in Microsoft Index Server is susceptible to a vulnerability that allows remote attackers to read arbitrary files on the server. This occurs due to improper handling of certain parameters within the filter, which could be exploited if an attacker crafts a specially formatted request. The vulnerability enables unauthorized access to sensitive information that could potentially jeopardize the security and integrity of the affected systems.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/bid/950

vdb-entryx_refsource_BID

http://www.osvdb.org/1210

vdb-entryx_refsource_OSVDB

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 2, 2000
Vulnerability published
Jan 26, 2000