Gravité: : Élevé

  Description

Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1000128
  Trend Micro Deep Security DPI Rule Name: 1000128 - HTTP Protocol Decoding

  Affected software and version:

  • Microsoft IIS 4.0
  • Microsoft IIS 5.0