← CVECheck
HomeVulnerabilities

CVE-2000-0071 — MEDIUM severity vulnerability (IIS 4.0 allows a remote attacker to obtain the real pathname)

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.

CVE IDCVE-2000-0071
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2000-01-11
Last modified2026-04-16
DescriptionIIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →