Vendor: IIS
By: SecurityFocus
CVSS: 7.5 (HIGH)
Title: IIS Path Disclosure
CWE: 200
Product Name: IIS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002
IIS Path Disclosure
A GET request for a nonexistent file with an ISAPI-registered extension (e.g. .pl, .idq) causes the IIS server to return an error message that includes the full path of the web server's root directory. This can happen whether the file is the target of the GET request itself or is passed in a variable to a script that looks for the file.
Mitigation:
Ensure that all ISAPI-registered extensions are properly configured and that all requests for nonexistent files are handled gracefully, without returning the server's filesystem path in the error message.