IIS Unicode Directory Traversal
Added: 07/03/2006CVE: CVE-2000-0884
BID: 1806
OSVDB: 436
Background
Microsoft IIS is a web server for Windows platforms.Problem
Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%af. This allows remote attackers to access any executable file on the system using a directory traversal attack from the /scripts virtual directory, leading to command execution.Resolution
Install the patch referenced in Microsoft Security Bulletin 00-078.References
http://archives.neohapsis.com/archives/bugtraq/2000-10/0263.htmlLimitations
Certain characters are disallowed when using this exploit to run commands.Platforms
WindowsBack to exploit index