Overview
Microsoft Windows Index Server ships with an optional sample package. A component of this package, SQLQHit.asp, can disclose sensitive information when sent crafted requests.
Description
The Microsoft Windows Index Server ships with optional sample files. While these files should never be installed on a production machine, it is possible to accidentally install them with Options Pack 4.0. SQLQHit.asp is a component of the sample package used to perform web-based SQL queries. An intruder can submit a specially crafted URL to an Internet Information Services (IIS) server running Index Server and find the physical path of files on the system.
Impact
An intruder can gain sensitive information about a server's directory and file structure.
Solution
Microsoft has an IIS checklist on which they recommend "Disable or remove all sample applications" - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/iischk.asp
Ensure that the sample files are not installed on your IIS Server. They are located in the \inetpub\iissamples\ISSamples\ folder and are installed by default with Options Pack 4.0.
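One way to carry out the check above across a drive or a web content root, as an added example that is not part of the original note: the script walks a directory tree, matches the `iissamples\ISSamples` folder case-insensitively, and reports whether SQLQHit.asp is among the files found. The function names and the demo tree (including `placeholder.htm`) are constructed for illustration.

```python
import os
import sys
import tempfile

# Folder and file named in this note: \inetpub\iissamples\ISSamples\ and SQLQHit.asp.
SAMPLE_DIR = ("iissamples", "issamples")
FLAGGED_FILE = "sqlqhit.asp"


def find_index_server_samples(root):
    """Return one finding per sample folder located anywhere under root."""
    findings = []
    for dirpath, dirnames, _ in os.walk(root):
        # Windows paths are case-insensitive, so compare lower-cased components.
        parts = os.path.normpath(dirpath).lower().split(os.sep)
        if tuple(parts[-2:]) != SAMPLE_DIR:
            continue
        files = sorted(
            os.path.relpath(os.path.join(sub, name), dirpath)
            for sub, _, names in os.walk(dirpath)
            for name in names
        )
        flagged = any(os.path.basename(f).lower() == FLAGGED_FILE for f in files)
        findings.append({"directory": dirpath, "files": files,
                         "sqlqhit_present": flagged})
        dirnames[:] = []  # contents already listed; do not descend again
    return findings


def demo(install_samples=True):
    """Audit a constructed tree; returns (relative dir, files, flagged) tuples."""
    with tempfile.TemporaryDirectory() as tmp:
        os.makedirs(os.path.join(tmp, "Inetpub", "wwwroot"))
        if install_samples:
            samples = os.path.join(tmp, "Inetpub", "iissamples", "ISSamples")
            os.makedirs(samples)
            for name in ("SQLQHit.asp", "placeholder.htm"):  # constructed files
                open(os.path.join(samples, name), "w").close()
        return [(os.path.relpath(f["directory"], tmp).replace(os.sep, "/"),
                 f["files"], f["sqlqhit_present"])
                for f in find_index_server_samples(tmp)]


if __name__ == "__main__":
    # Usage: python audit_samples.py C:\ D:\   (defaults to the current directory)
    for root in sys.argv[1:] or ["."]:
        for f in find_index_server_samples(root):
            status = "SQLQHit.asp PRESENT" if f["sqlqhit_present"] else "samples present"
            print(f"{f['directory']}: {status} ({len(f['files'])} files)")
```

Any directory the script reports should be removed from the server, in line with the checklist recommendation quoted above.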
Acknowledgements
Our thanks to Syed Mohamed A, who reported this vulnerability to Microsoft and the CERT Coordination Center.
This document was written by Jason Rafail.
Other Information
CVE IDs: CVE-2001-0986
Severity Metric: 1.13
Date Public: 2001-09-14
Date First Published: 2001-09-27
Date Last Updated: 2001-09-27 17:56 UTC
Document Revision: 7