{"vuid":"VU#914859","idnumber":"914859","name":"Microsoft Windows Index Server discloses sensitive configuration information via crafted request to SQLQHit.asp sample application","keywords":["Microsoft Windows Index Server","sensitive configuration information","SQLQHIT.asp"],"overview":"Microsoft Windows Index Server ships with an optional sample package. A component of this package, SQLQHit.asp, can disclose sensitive information when sent crafted requests.","clean_desc":"The Microsoft Windows Index Server ships with optional sample files. While these files should never be installed on a production machine, it is possible to accidentally install them with Options Pack 4.0. SQLQHit.asp is a component of the sample package used to perform web-based SQL queries. An intruder can submit a specially crafted URL to an Internet Information Services (IIS) server running Index Server and find the physical path of files on the system.","impact":"An intruder can gain sensitive information about a server's directory and file structure.","resolution":"Microsoft has an IIS checklist on which they recommend \"Disable or remove all sample applications\" - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/iischk.asp","workarounds":"Ensure that the sample files are not installed on your IIS Server. They are located in the \\inetpub\\iissamples\\ISSamples\\ folder and are installed by default with Options Pack 4.0.","sysaffected":"","thanks":"Our thanks to Syed Mohamed A, who reported this vulnerability to Microsoft and the CERT Coordination Center.","author":"This document was written by Jason Rafail.","public":["h","t","t","p",":","/","/","w","w","w",".","s","e","c","u","r","i","t","y","f","o","c","u","s",".","c","o","m","/","b","i","d","/","3","3","3","9"],"cveids":["CVE-2001-0986"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-09-14T14:55:56Z","publicdate":"2001-09-14T00:00:00Z","datefirstpublished":"2001-09-27T17:56:21Z","dateupdated":"2001-09-27T17:56:22Z","revision":7,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"15","cam_impact":"8","cam_easeofexploitation":"1","cam_attackeraccessrequired":"20","cam_scorecurrent":"1.125","cam_scorecurrentwidelyknown":"1.125","cam_scorecurrentwidelyknownexploited":"2.025","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.125,"vulnote":null}