CVE-2000-0770

Summary

IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.

Technical Details

CVSSv2 Score:

6.4

CWE ID:

NVD-CWE-Other

Published Date:

Friday 20th of October 2000

Modified Date:

Tuesday 30th of October 2018

CVSSv2 Score:
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication Required: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: None
Common Platform Enumeration (CPE) Affected: Common Platform Enumeration (CPE) List:

Reference: Find your Vulnerabilities:

Find out if you have vulnerabilities exposing you to hackers and malware: Download Mageni's Free Edition

Keyword Search

Search CVEs, Products and Vendors.

Don't pay for a vulnerability scanning and management platform. This one is free.

Mageni provides a free vulnerability scanning and management platform which helps you need to find, prioritize, remediate and manage your vulnerabilities.