Sign-up

ID

VAR-200212-0468


CVE

CVE-2002-1745


TITLE

Microsoft IIS  of  CodeBrws.asp  In  off-by-one  Ella - Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2002-000095

DESCRIPTION

Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files. ------------ This vulnerability information is a comprehensive explanation of multiple vulnerabilities that were published at the same time. Please note that this document contains vulnerability information other than the title. ------------Microsoft IIS 5.0 There is a problem with disclosing the source of the file. Microsoft IIS 5.0 has sample files installed for demonstration purposes. IIS 5.0 of Internet Service Manager One of the sample programs used by codebrws.asp There is a file called. codebrws.asp Due to a flaw in the handling of Unicode characters in this file, an attacker could potentially use this file to obtain the source of files located under the webroot directory. default settings IIS 5.0 Now remotely codebrws.asp Unless you intentionally change the settings, only local attacks will be successful.Please refer to the "Overview" for the impact of this vulnerability. However, this script (CodeBrws.asp) does not adequately filter unicode representations of directory traversals. For example, an attacker can break out of the sample script directory by substituting '%c0%ae%c0%ae' for '..' in a dot-dot-slash directory traversal attack. It has been demonstrated that this issue may be exploited to map out the directory structure of the filesystem on a host running the vulnerable script. However, a flaw exists which will allow an additional character to be added to the file extension. This may allow an attacker to view, for example, .aspx files used by the .NET architecture. If used in conjunction with the issues discussed in BID 4525, this may expose files outside of the sample script directory

Trust: 2.16

sources: NVD: CVE-2002-1745 // JVNDB: JVNDB-2002-000095 // BID: 4525 // BID: 4543

AFFECTED PRODUCTS

vendor:microsoftmodel:internet information servicesscope:eqversion:5.0

Trust: 1.6

vendor:マイクロソフトmodel:microsoft iisscope:eqversion: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft iisscope:eqversion:5.0

Trust: 0.8

vendor:microsoftmodel:iisscope:eqversion:5.0

Trust: 0.6

vendor:microsoftmodel:internet information serverscope:eqversion:5.0

Trust: 0.6

sources: BID: 4525 // BID: 4543 // JVNDB: JVNDB-2002-000095 // CNNVD: CNNVD-200212-516 // NVD: CVE-2002-1745

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1745
value: HIGH

Trust: 1.0

NVD: CVE-2002-1745
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200212-516
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2002-1745
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2002-1745
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2002-1745
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2002-000095 // CNNVD: CNNVD-200212-516 // NVD: CVE-2002-1745

PROBLEMTYPE DATA

problemtype:CWE-193

Trust: 1.0

problemtype:Determination of boundary conditions (CWE-193) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2002-000095 // NVD: CVE-2002-1745

THREAT TYPE

network

Trust: 0.6

sources: BID: 4525 // BID: 4543

TYPE

Input Validation Error

Trust: 0.6

sources: BID: 4525 // BID: 4543

PATCH

title:Top Page (( 2007/01/04  the current   (Information regarding this vulnerability could not be confirmed)url:http://www.microsoft.com/ja/jp/default.aspx

Trust: 0.8

sources: JVNDB: JVNDB-2002-000095

EXTERNAL IDS

db:NVDid:CVE-2002-1745

Trust: 3.2

db:BIDid:4543

Trust: 2.7

db:BIDid:4525

Trust: 1.4

db:JVNDBid:JVNDB-2002-000095

Trust: 0.8

db:XFid:8853

Trust: 0.6

db:NSFOCUSid:2646

Trust: 0.6

db:CNNVDid:CNNVD-200212-516

Trust: 0.6

sources: BID: 4525 // BID: 4543 // JVNDB: JVNDB-2002-000095 // CNNVD: CNNVD-200212-516 // NVD: CVE-2002-1745

REFERENCES

url:http://www.securityfocus.com/bid/4543

Trust: 2.4

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/8853

Trust: 1.0

url:http://online.securityfocus.com/archive/1/268303

Trust: 1.0

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1745

Trust: 0.8

url:http://www.securityfocus.com/bid/4525

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/8853

Trust: 0.6

url:http://www.nsfocus.net/vulndb/2646

Trust: 0.6

url:http://online.securityfocus.com/bid/4525

Trust: 0.3

sources: BID: 4543 // JVNDB: JVNDB-2002-000095 // CNNVD: CNNVD-200212-516 // NVD: CVE-2002-1745

CREDITS

Chris Anley※ chrisanley@hushmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200212-516

SOURCES

db:BIDid:4525
db:BIDid:4543
db:JVNDBid:JVNDB-2002-000095
db:CNNVDid:CNNVD-200212-516
db:NVDid:CVE-2002-1745

LAST UPDATE DATE

2025-04-03T22:21:58.991000+00:00


SOURCES UPDATE DATE

db:BIDid:4525date:2002-04-16T00:00:00
db:BIDid:4543date:2002-04-18T00:00:00
db:JVNDBid:JVNDB-2002-000095date:2024-03-06T02:22:00
db:CNNVDid:CNNVD-200212-516date:2005-10-20T00:00:00
db:NVDid:CVE-2002-1745date:2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:BIDid:4525date:2002-04-16T00:00:00
db:BIDid:4543date:2002-04-18T00:00:00
db:JVNDBid:JVNDB-2002-000095date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200212-516date:2002-04-18T00:00:00
db:NVDid:CVE-2002-1745date:2002-12-31T05:00:00