Intrusion Prevention

MS.IIS.UNC.Mapped.Virtual.Host.Information.Disclosure

Description

This indicates an attack attempt to exploit an information-disclosure vulnerability in Microsoft IIS.
The vulnerability is caused by an error when the vulnerable software handles a backward slash "\" appended to an ASP in an HTTP request. As a result, a remote attacker can read the source code of the ASP file by sending a crafted HTTP request.

Affected Products

Microsoft Site Server Commerce Edition 3.0 i386
Microsoft Site Server Commerce Edition 3.0 alpha
Microsoft Proxy Server 2.0
Microsoft IIS 5.0
Microsoft IIS 4.0 alpha
Microsoft IIS 4.0
Microsoft Commercial Internet System 2.5
Microsoft Commercial Internet System 2.0

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/Bulletin/MS00-019.mspx

CVE References

CVE-2000-0246