|
|
|||
| Rule General Information |
|---|
| Release Date: | 2015-05-29 | |
| Rule Name: | Microsoft Index Server 2.0 File Information and Path Disclosure Vulnerability -2 (CVE-2001-0986) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. | |
| Impact: | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. | |
| Affected OS: | Windows | |
| Reference: | SecurityFocusBID:3339 |
|
| Solutions |
|---|
| No information about possible solutions is published. Please use an alternative product to substitude the affected software. |