CVE-2001-0333 Information
Description
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and \\ characters twice.
Reference
http://marc.info/?l=bugtraq&m=98992056521300&w=2 http://www.cert.org/advisories/CA-2001-12.html http://www.securityfocus.com/bid/2708 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/6534 iis-url-decoding(6534) https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1018 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1051 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A37 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A78
Share on: