Vulnerability Database

Published: Jan 11, 2000
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2000-0071" target="_blank" rel="noopener"> CVE-2000-0071
Severity: Medium
Exploit:

300,445

Total vulnerabilities in the database

IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions.

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
microsoft / internet_information_services	5.0	5.0.x
microsoft / internet_information_server	3.0	3.0.x
microsoft / internet_information_server	4.0	4.0.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.