Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability

Bugtraq ID: 1806
Class: Input Validation Error
Remote: Yes
Local: Yes
Published: Oct 17 2000 12:00AM
Updated: Oct 17 2000 12:00AM
Credit: Discovered by an anonymous poster to a Packetstorm forum. Additional research conducted by Rain Forest Puppy <>. Publicized in a Microsoft Security Bulletin (MS00-078) on October 17, 2000. Microsoft Personal Web Server discovered and post
Vulnerable: Microsoft Personal Web Server 4.0
Microsoft IIS 5.0
Microsoft IIS 4.0 alpha
Microsoft IIS 4.0
Not Vulnerable:


Privacy Statement
Copyright 2010, SecurityFocus