CVE-2000-0630
Internet Information Server 4.0-5.0 - Source Code Disclosure via .HTR File Fragment Reading
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0630. PoCs published by Zuo Lei.
AI-analyzed exploit summary This is a writeup describing a source code disclosure vulnerability in Microsoft IIS 4.0 and 5.0. By appending '+.htr' to a request for an .asp file, the server may disclose part or all of the source code due to improper handling by ISM.DLL.
Description
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Exploits (1)
This is a writeup describing a source code disclosure vulnerability in Microsoft IIS 4.0 and 5.0. By appending '+.htr' to a request for an .asp file, the server may disclose part or all of the source code due to improper handling by ISM.DLL.