CVE-2000-0024 Information

Description

IIS does not properly canonicalize URLs potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters aka the \Escape Character Parsing\ vulnerability.

Reference

http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246401 http://www.acrossecurity.com/aspr/ASPR-1999-11-10-1-PUB.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-061