Description
IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.
Remediation
References
Related Vulnerabilities
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (7.8.9)
Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)
Skipper Incorrect Authorization Vulnerability (CVE-2022-34296)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)