IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the Virtualized UNC Share vulnerability.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Commercial_internet_system | Microsoft | 2.0 | 2.0 |
Commercial_internet_system | Microsoft | 2.5 | 2.5 |
Internet_information_server | Microsoft | 4.0 | 4.0 |
Internet_information_services | Microsoft | 5.0 | 5.0 |
Proxy_server | Microsoft | 2.0 | 2.0 |
Site_server | Microsoft | 3.0 | 3.0 |
Site_server_commerce | Microsoft | 3.0 | 3.0 |