PT-2000-1583 · Microsoft · Iis
Publicado
2000-07-13
·
Atualizado
2020-11-23
·
CVE-2000-0649
CVSS v2.0
2.6
Baixa
| Vetor | AV:N/AC:H/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IIS version 4.0
Description
The issue allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Recommendations
For IIS version 4.0, define a realm for web pages protected by basic authentication to prevent disclosure of the internal IP address.
Exploit
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Iis