CVE-2000-0246

Internet Information Services 4.0 and 5.0 - Unauthenticated Source Code Disclosure via Virtualized UNC Share

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0246. PoCs published by Adam Coyne.

AI-analyzed exploit summary This exploit leverages a UNC path vulnerability in Microsoft IIS and related products to disclose source code of ASP or HTR files by appending a backslash to the URL. The vulnerability is triggered when the virtual host root is mapped to a UNC share.

Description

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Adam Coyne · textremotemultiple

https://www.exploit-db.com/exploits/19824

View Code ZIP pw:eip

This exploit leverages a UNC path vulnerability in Microsoft IIS and related products to disclose source code of ASP or HTR files by appending a backslash to the URL. The vulnerability is triggered when the virtual host root is mapped to a UNC share.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Commercial Internet System 2.0/2.5, IIS 4.0, Proxy Server 2.0, Site Server Commerce Edition 3.0

No auth needed

Prerequisites: Virtual host root mapped to a UNC share

MITRE ATT&CK

T1119 - Automated Collection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019

Vendor Advisory vendor-advisory x_refsource_mskb

http://www.microsoft.com/technet/support/kb.asp?ID=249599

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1081

Scores

EPSS 0.7998

EPSS Percentile 99.6%

Details

Status published

Products (7)

microsoft/commercial_internet_system 2.0

microsoft/commercial_internet_system 2.5

microsoft/internet_information_server 4.0

microsoft/internet_information_services 5.0

microsoft/proxy_server 2.0

microsoft/site_server 3.0

microsoft/site_server_commerce 3.0

Published Mar 30, 2000

Tracked Since Feb 18, 2026