CVE-2000-0884

EXPLOITED

IIS 4.0-5.0 - Path Traversal

Title source: llm

Description

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

Exploits (9)

exploitdb WORKING POC VERIFIED
by Optyx · cremotewindows
https://www.exploit-db.com/exploits/190
exploitdb WORKING POC VERIFIED
by Roelof Temmingh · perlremotewindows
https://www.exploit-db.com/exploits/192
exploitdb WORKING POC VERIFIED
by steeLe · perlremotewindows
https://www.exploit-db.com/exploits/191
exploitdb WORKING POC VERIFIED
by incubus · cremotewindows
https://www.exploit-db.com/exploits/189
exploitdb SCANNER VERIFIED
by Roelof Temmingh · perlremotewindows
https://www.exploit-db.com/exploits/20299
exploitdb WORKING POC VERIFIED
by Andrea Spabam · perlremotewindows
https://www.exploit-db.com/exploits/20302
exploitdb WORKING POC VERIFIED
by BoloTron · phpremotewindows
https://www.exploit-db.com/exploits/20301
exploitdb WORKING POC VERIFIED
by zipo · cremotewindows
https://www.exploit-db.com/exploits/20300
exploitdb WORKING POC VERIFIED
by Gabriel Maggiotti · cremotewindows
https://www.exploit-db.com/exploits/20298

References (5)

Scores

EPSS 0.8407
EPSS Percentile 99.3%

Details

VulnCheck KEV 2005-08-25
Status published
Products (2)
microsoft/internet_information_server 4.0
microsoft/internet_information_services 5.0
Published Dec 19, 2000
Tracked Since Feb 18, 2026