CVE-1999-0154
Internet Information Server 2.0 and 3.0 - Unauthenticated Source Code Disclosure via ASP URL Trailing Dot
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-0154. PoCs published by Mark Joseph Edwards.
AI-analyzed exploit summary This is a writeup describing a vulnerability in Microsoft IIS 2.0 and 3.0 where appending a period or its hexadecimal encoding (%2e) to a script URL exposes the source code. The issue affects various script file types and can leak sensitive information.
Description
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
Exploits (1)
This is a writeup describing a vulnerability in Microsoft IIS 2.0 and 3.0 where appending a period or its hexadecimal encoding (%2e) to a script URL exposes the source code. The issue affects various script file types and can leak sensitive information.