Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.10759
Category:Web Servers
Title:Private IP address leaked in HTTP headers
Summary:This web server leaks a private IP address through its HTTP; headers.
Description:Summary:
This web server leaks a private IP address through its HTTP
headers.

Vulnerability Insight:
There is a known issue with IIS 4.0 doing this in its default
configuration.

Furthermore Microsoft Exchange CAS and OWA as well as other webservers or load balancers might be
also affected.

Vulnerability Impact:
This may expose internal IP addresses that are usually hidden or
masked behind a Network Address Translation (NAT) Firewall or proxy server.

Solution:
See the references for possible workarounds and updates.

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:N/A:N

Cross-Ref: BugTraq ID: 1499
Common Vulnerability Exposure (CVE) ID: CVE-2000-0649
http://www.securityfocus.com/bid/1499
http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html
CopyrightCopyright (C) 2001 Alert4Web.com, 2003 Westpoint Ltd

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.