CVE-2000-0630

IIS 4.0-5.0 - Info Disclosure

Title source: llm

Description

IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Zuo Lei · textremotewindows

https://www.exploit-db.com/exploits/20089

View Code ZIP pw:eip

References (3)

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-044

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/1488

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5104

Scores

EPSS 0.7596

EPSS Percentile 98.9%

Details

Status published

Products (2)

microsoft/internet_information_server 4.0

microsoft/internet_information_services 5.0

Published Jul 17, 2000

Tracked Since Feb 18, 2026