CVE-1999-0407 Information

Description

By default IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks or to identify valid users on the system.

Reference

http://marc.info/?l=bugtraq&m=91983486431506&w=2 http://marc.info/?l=bugtraq&m=92000623021036&w=2