VULHUB ™

Microsoft Security Bulletin (MS00-006) Update (March 31) - This patch eliminates two unrelated vulnerabilities in Microsoft Index Server. The first is the "Malformed Hit-Highlighting Argument" vulnerability which allowed any file on the system to be read. The second vulnerability involves the error message that is returned when a user requests a non-existent Internet Data Query (.idq) file which reveals the physical path to the web directory that was contained in the request. Microsoft FAQ on this issue available here.

Microsoft Security Bulletin (MS00-006) Update (March 31) - This patch eliminates two unrelated vulnerabilities in Microsoft Index Server. The first is the "Malformed Hit-Highlighting Argument" vulnerability which allowed any file on the system to be read. The second vulnerability involves the error message that is returned when a user requests a non-existent Internet Data Query (.idq) file which reveals the physical path to the web directory that was contained in the request. Microsoft FAQ on this issue available here.