MS.IIS.Web.Server.Folder.Traversal.Evasion

Description

This indicates a directory traversal vulnerability in Microsoft Internet Information Services (IIS). It can be exploited by sending a Unicode-encoded URL request to a vulnerable server.
IIS is a powerful web server that provides a highly reliable, manageable, and scalable Web application infrastructure. There is a vulnerability in IIS 4.0 and 5.0 that allows remote attackers to read documents outside of the web root and possibly execute arbitrary commands on a target system by sending it URLs that contain special Unicode-encoded characters.
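
One way to flag this kind of request in a proxy or log pipeline, added here as an example and not taken from the signature or from Microsoft's patch. It assumes the "special Unicode-encoded characters" are percent-encoded non-shortest-form (overlong) UTF-8 sequences standing in for `.`, `/` or `\`, which the page does not spell out; the function names and sample paths are constructed.

```python
from urllib.parse import unquote_to_bytes

def lenient_utf8(raw: bytes) -> str:
    """Decode as a lax server might: accept overlong 2- and 3-byte forms."""
    out, i, n = [], 0, len(raw)
    def cont(j):  # True when raw[j] is a UTF-8 continuation byte (10xxxxxx)
        return j < n and raw[j] & 0xC0 == 0x80
    while i < n:
        b = raw[i]
        if 0xC0 <= b <= 0xDF and cont(i + 1):
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        elif 0xE0 <= b <= 0xEF and cont(i + 1) and cont(i + 2):
            out.append(chr(((b & 0x0F) << 12) | ((raw[i + 1] & 0x3F) << 6)
                           | (raw[i + 2] & 0x3F)))
            i += 3
        else:
            out.append(chr(b))  # ASCII or a stray byte, kept as-is
            i += 1
    return "".join(out)

def has_traversal(path: str) -> bool:
    """True when any segment is '..' once both separator styles are unified."""
    return ".." in path.replace("\\", "/").split("/")

def classify(request_path: str) -> str:
    raw = unquote_to_bytes(request_path)   # one round of %XX decoding
    try:
        strict = raw.decode("utf-8")       # strict decoder rejects overlong forms
    except UnicodeDecodeError:
        strict = None
    if strict is not None:
        return "plain-traversal" if has_traversal(strict) else "ok"
    # Invalid UTF-8: check what a lax decoder would have produced from it.
    lax = lenient_utf8(raw)
    return "evasive-traversal" if has_traversal(lax) else "malformed-encoding"

# Constructed sample request paths (assumptions for illustration only).
SAMPLES = [
    "/scripts/report.asp",
    "/docs/%E2%82%AC.html",      # valid UTF-8 (euro sign)
    "/a/..%2fb/file.txt",        # ordinary percent-encoded separator
    "/a/..%c0%afb/file.txt",     # overlong 2-byte form of '/'
    "/a/%c0%ae%c0%ae/b",         # overlong 2-byte form of '.'
    "/a/%ff.txt",                # invalid byte, no traversal behind it
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{classify(p):20} {p}")
```

A filter that checks for `..` before the server's own decoder runs sees nothing in the `evasive-traversal` cases, which is why rejecting any path that fails strict UTF-8 decoding is the safer rule.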

Affected Products

Any unpatched Microsoft IIS 4.0 or 5.0 server is vulnerable to the attack.

Impact

Attackers can gain access to files on the victim system, and even execute arbitrary commands.

Recommended Actions

Apply the patch from Microsoft Security Bulletin MS00-057. Customers who have applied the patch are already protected against the vulnerability and do not need to take additional action.

Coverage

IPS (Regular DB)
IPS (Extended DB)