Description

IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.

Remediation

References

CVE-2000-0770

Related Vulnerabilities

WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1)

WordPress Plugin Polldaddy Polls & Ratings Unspecified Vulnerability (2.0.25)

WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)

WordPress Plugin Team Showcase Multiple Vulnerabilities (1.22.15)

WordPress Plugin WP Maintenance Mode & Site Under Construction Cross-Site Request Forgery (1.8.2)

Severity

Medium

Classification

CVE-2000-0770

Tags

Missing Update Known Vulnerabilities