| VID |
22066 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
There is a vulnerability in the webhits.dll file included in WindowsNT Option Pack 4.0 as part of Index Server 2.0. The vulnerability allows you to view any file on the filesystem as long as its name is known. It is also possible to get the source code of ASP scripts by issuing the following request :
GET /null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
ASP source codes usually contain sensitive information such as usernames and passwords.
* References:
http://www.iss.net/security_center/static/3884.php
http://www.microsoft.com/technet/security/bulletin/ms00-006.asp |
| Recommendation |
If you need the functionality provided by WebHits, then install the patch available at :
http://www.microsoft.com/technet/security/bulletin/ms00-006.asp
If you do not need this functionality, then unmap the .htw extensions from webhits.dll using the Internet Service Manager MMC snap-in. |
| Related URL |
CVE-2000-0097 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
