ID CVE-1999-0386
Summary Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
References
Vulnerable Configurations
  • Microsoft Frontpage
    cpe:2.3:a:microsoft:frontpage
  • Microsoft personal_web_server 4.0
    cpe:2.3:a:microsoft:personal_web_server:4.0
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
exploit-db via4
description MS FrontPage Personal WebServer 1.0/Personal Web Server 4.0 Directory Traversal. CVE-1999-0386. Remote exploit for windows platform
id EDB-ID:19753
last seen 2016-02-02
modified 1996-01-17
published 1996-01-17
reporter kiborg
source https://www.exploit-db.com/download/19753/
title Microsoft frontpage personal webserver 1.0/personal Web server 4.0 - Directory Traversal
nessus via4
NASL family CGI abuses
NASL id MSPWS_DOTDOTDOT.NASL
description It is possible to read any file on the remote system by prepending several dots before the file name.
last seen 2019-02-21
modified 2018-11-15
plugin id 10142
published 1999-06-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10142
title Microsoft Personal Web Server Multiple Dot Request Arbitrary File Access
refmap via4
ms MS99-010
osvdb 111
xf pws-file-access
Last major update 09-09-2008 - 08:34
Published 01-03-1999 - 00:00
Last modified 12-10-2018 - 17:29
Back to Top