CVE-2001-0507
Description
IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Local users can escalate privileges on IIS 5.0 by planting a Trojan horse system file, because IIS locates in-process system files by relative path.
Vulnerability
IIS 5.0 uses relative paths to locate system files that run in-process. This design flaw allows an attacker to place a malicious Trojan horse file in a location that IIS will search before the legitimate system file, leading to privilege elevation. The vulnerability affects IIS 5.0 [1].
Exploitation
An attacker must have local user access to the IIS server. By placing a specially crafted Trojan horse file in a path traversed by IIS during its in-process file search, the attacker can cause IIS to load and execute the malicious file instead of the intended system file [1].
Impact
Successful exploitation allows the attacker to gain elevated privileges, potentially executing code with the same privileges as the IIS process (typically SYSTEM). This could lead to complete compromise of the web server [1].
Mitigation
Microsoft released a cumulative security patch in MS01-044, which addresses this vulnerability. Administrators are advised to apply the patch to all IIS 5.0 systems [1]. No workaround is documented, and the patch is the recommended mitigation.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
References
- online.securityfocus.com/archive/1/205069 (nvd)
- www.ciac.org/ciac/bulletins/l-132.shtml (nvd)
- www.osvdb.org/5607 (nvd)
- docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 (nvd)
- exchange.xforce.ibmcloud.com/vulnerabilities/6985 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A909 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A912 (nvd)