CVE-1999-1520

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

11/05/1999

Last modified:

03/04/2025

Description

A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information.

Impact

Vector 2.0

AV:N/AC:L/Au:N/C:P/I:N/A:N CVSS v2.0 Severity and Metrics:

Base Score: 5.00 MEDIUM
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Attack Vector (AV): Network
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): Physical
Integrity (I): None
Availability (A): None

Base Score 2.0

5.00

Severity 2.0

MEDIUM

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:a:microsoft:site_server:3.0:::::::*

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

http://marc.info/?l=bugtraq&m=92647407227303&w=2
http://www.securityfocus.com/bid/256
https://exchange.xforce.ibmcloud.com/vulnerabilities/2270
http://marc.info/?l=bugtraq&m=92647407227303&w=2
http://www.securityfocus.com/bid/256
https://exchange.xforce.ibmcloud.com/vulnerabilities/2270