MS.IIS.File.Fragment.Disclosure

description-logoDescription

This indicates an attack attempt against a fragment disclosure vulnerability in IIS.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL. It allows a remote attacker to read the source code from executable web server programs by appending "%3F+.htr" to the requested URL.

affected-products-logoAffected Products

Microsoft IIS 5.0
Microsoft IIS 4.0

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-11-24 18.202 Sig Added
2020-08-19 15.908 Sig Added