Microsoft KB Archive/142631

= Internet Information Server Directory Access Issue Resolved =

PSS ID Number: 142631

Article Last Modified on 12/16/2003

-

The information in this article applies to:


 * Microsoft Windows NT Workstation 3.5
 * Microsoft Windows NT Workstation 3.51
 * Microsoft Windows NT Server 3.5
 * Microsoft Windows NT Server 3.51
 * Microsoft Internet Information Server 1.0

-



This article was previously published under Q142631





SYMPTOMS
Under special circumstances, Internet Information Server (IIS) grants a directory view to "secure" directories to clients using the following URL path:

http://servername/images/../../

The special case may occur if IIS WWW Service properties are set as follows:


 * 1) Directories: A virtual WWW directory is created that is not under the root home directory.
 * 2) Directories: Directory Browsing Allowed -- ENABLED.
 * 3) Services - Password authentication option: Allow Anonymous -- ENABLED.



CAUSE
Client access privileges were not being set correctly.



RESOLUTION
Obtain the fix referenced below. This issue is addressed and resolved in a new version of Infocomm.dll.



STATUS
Microsoft has confirmed this to be a problem in Windows NT version 3.51. This problem was corrected in the latest Windows NT 3.51 U.S. Service Pack. For information on obtaining the Service Pack, query on the following word in the Microsoft Knowledge Base (without the spaces):

S E R V P A C K

Additional query words: prodiis

Keywords: kbbug kbnetwork KB142631

Technology: kbiis100 kbiisSearch kbWinNT350search kbWinNT351search kbWinNTS350 kbWinNTS350search kbWinNTS351 kbWinNTS351search kbWinNTsearch kbWinNTSsearch kbWinNTW350 kbWinNTW350search kbWinNTW351 kbWinNTW351search kbWinNTWsearch

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© 2004 Microsoft Corporation. All rights reserved.