Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.12113
Category:Web Servers
Title:Private IP address Leaked using the PROPFIND method
Summary:The remote web server leaks a private IP address through the; WebDAV interface. If this web server is behind a Network Address Translation (NAT) firewall or; proxy server, then the internal IP addressing scheme has been leaked.;; This is typical of IIS 5.0 installations that are not configured properly.
Description:Summary:
The remote web server leaks a private IP address through the
WebDAV interface. If this web server is behind a Network Address Translation (NAT) firewall or
proxy server, then the internal IP addressing scheme has been leaked.

This is typical of IIS 5.0 installations that are not configured properly.

Solution:
See the references for an update / more information.

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2002-0422
Bugtraq: 20020305 IIS Internal IP Address Disclosure (#NISR05032002B) (Google Search)
http://marc.info/?l=bugtraq&m=101536634207324&w=2
http://marc.info/?l=ntbugtraq&m=101535147125320&w=2
http://www.osvdb.org/13431
http://www.iss.net/security_center/static/8385.php
CopyrightCopyright (C) 2004 Sword & Shield Enterprise Security, Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.