Vulnerability Name: | CVE-1999-0012 (CCN-709) | ||||||||
Assigned: | 1998-01-08 | ||||||||
Published: | 1998-01-08 | ||||||||
Updated: | 2022-08-17 | ||||||||
Summary: | Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | File Manipulation | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, Sat, 14 Aug 1999 13:58:38 -0700 Win32 File Naming (again) Source: MITRE Type: CNA CVE-1999-0012 Source: CCN Type: NTBugTraq Mailing List, Thu, 8 Jan 1998 19:04:23 -0700 Nifty Security hole on Several NT Based Web Servers Source: CCN Type: CERT Advisory CA-1998-04 Microsoft Windows-based Web Servers unauthorized access - long file names Source: CCN Type: CIAC Information Bulletin I-025a Windows NT based Web Servers File Access Vulnerability Source: CCN Type: Microsoft Product Support Services Windows NT Service Packs Source: CCN Type: Microsoft TechNet Microsoft Internet Information Server 4.0 Security Checklist Source: CCN Type: OSVDB ID: 11455 Microsoft IIS / PWS DOS Filename Request Access Bypass Source: CCN Type: OSVDB ID: 59826 vqSoft vqServer for Windows DOS Filename Request Access Bypass Source: CCN Type: OSVDB ID: 59827 Xitami Web Server DOS Filename Request Access Bypass Source: CCN Type: OSVDB ID: 59829 Netscape Enterprise/FastTrack DOS Filename Request Access Bypass Source: CCN Type: BID-135 NT Webserver Long File Name Access Protection Vulnerability Source: CCN Type: BID-582 Microsoft IIS And PWS 8.3 Directory Name Vulnerability Source: CCN Type: BID-584 Multiple Vendor 8.3 Filename Vulnerability Source: XF Type: UNKNOWN nt-web8.3(709) Source: MISC Type: UNKNOWN https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0012 Source: CCN Type: Microsoft Knowledge Base Article 179148 Settings May Not Be Applied with URL with Short Filename | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |