Microsoft IIS 4.0/5.0/6.0 – Internal IP Address/Internal Network Name Disclosure

Microsoft IIS 4.0/5.0/6.0 – Internal IP Address/Internal Network Name Disclosure

漏洞ID 1053551 漏洞类型
发布时间 2001-08-08 更新时间 2001-08-08
图片[1]-Microsoft IIS 4.0/5.0/6.0 – Internal IP Address/Internal Network Name Disclosure-安全小百科CVE编号 N/A
图片[2]-Microsoft IIS 4.0/5.0/6.0 – Internal IP Address/Internal Network Name Disclosure-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/21057
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/3159/info

A vulnerability has been discovered in Microsoft IIS that may disclose the internal IP address or internal network name to remote attackers. This vulnerability can be exploited if an attacker connects to a host using HTTPS (typically on port 443) and crafts a specially formed GET request. Microsoft IIS will return a 302 Object Moved error message containing the internal IP address or internal network name of the server.

It has been reported that a target host using HTTP is also vulnerable to this issue. 

GET /directory HTTP/1.0

相关推荐: Multiple Vendor amd Buffer Overflow Vulnerability

Multiple Vendor amd Buffer Overflow Vulnerability 漏洞ID 1104554 漏洞类型 Boundary Condition Error 发布时间 1999-08-30 更新时间 1999-08-30 CVE编号…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享