|Title:||shtml.exe reveals full path|
|Summary:||Retrieve the real path using shtml.exe|
The shtml.exe CGI which comes with FrontPage 2000
reveals the full path to the remote web root when
it is given a non-existent file as an argument.
This is useful to an attacker who can gain more
knowledge against the remote host.
Solution : Install Windows 2000 SP3
Risk factor : Low
BugTraq ID: 1174|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0413
Bugtraq: 20000506 shtml.exe reveal local path of IIS web directory (Google Search)
XForce ISS Database: iis-shtml-reveal-path
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.