2000-02-04 05:00:00
mitre
PUBLISHED
IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.