Microsoft IIS UNC映射虚拟主机漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105765 漏洞类型 输入验证
发布时间 2000-03-30 更新时间 2006-09-25
CVE编号 CVE-2000-0246 CNNVD-ID CNNVD-200003-052
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19824
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200003-052
|漏洞详情
IIS4.0and5.0存在漏洞,如果虚拟路径映射到UNC共享便不能正确处理ISAPIextension,远程攻击者可以利用这个漏洞读取ASP和其他文件的源码,也称“虚拟UNC共享”漏洞。
|漏洞EXP
MS Commercial Internet System 2.0/2.5,IIS 4.0,Proxy Server 2.0,Site Server Commerce Edition 3.0 UNC Mapped Virtual Host Vulnerability

source: http://www.securityfocus.com/bid/1081/info

If a virtual host root is mapped to a UNC share, a backward slash "\" appended to an ASP or HTR extension in a URL request to that virtual host will cause Microsoft Internet Information Server to transmit full source code of the file back to a remote user. Files located on the local drive where IIS is installed is not affected by this vulnerability. 

http://target/file.asp\
|参考资料

来源:MS
名称:MS00-019
链接:http://www.microsoft.com/technet/security/bulletin/ms00-019.asp
来源:BID
名称:1081
链接:http://www.securityfocus.com/bid/1081
来源:MSKB
名称:Q249599
链接:http://www.microsoft.com/technet/support/kb.asp?ID=249599