(HTTP is Also Affected) Re: Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Web Server/CGI) > Microsoft Internet Information Server (IIS) Web Server

Vendors: Microsoft

(HTTP is Also Affected) Re: Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users

SecurityTracker Alert ID: 1002170

SecurityTracker URL: http://securitytracker.com/id/1002170

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Aug 10 2001

Impact: Disclosure of system information

Version(s): 4.0 with SSL, 5.0 with SSL

Description: A vulnerability was reported by e-Synergies in Microsoft's IIS web server that allows remote users to determine internal IP addresses used by the web server or internal NetBIOS host names used by the web server.

eEye Digital Security reports that this vulnerability may also affect IIS running HTTP, not just SSL, depending on how the web server is configured.

For the original report, see the Message History.

Impact: A remote user can determine internal IP addresses used by the web server or internal NetBIOS host names used by the web server.

Solution: No solution was available at the time of this entry.

Vendor URL: www.microsoft.com/technet/security/ (Links to External Site)

Cause: State error

Underlying OS: Windows (NT), Windows (2000)

Message History: This archive entry is a follow-up to the message listed below.

Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users

Source Message Contents

Date: Thu, 9 Aug 2001 13:22:39 -0700
Subject: RE: Internal IP Address Disclosure in Microsoft-IIS 4.0 & 5.0


this isnt just for HTTPS... this can occur on plain HTTP also depending on
how someone has setup. If you have an IIS web server you should not use "all
ip addresses" for a web and instead pick the specific IP so that way IIS
does not accidently return internal IP's etc....

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Web Application Firewall

|| -----Original Message-----
|| From: marek_roy@hotmail.com [mailto:marek_roy@hotmail.com]
|| Sent: Tuesday, August 07, 2001 9:55 PM
|| To: bugtraq@securityfocus.com
|| Subject: Internal IP Address Disclosure in Microsoft-IIS 4.0 & 5.0
||
||
|| GGS-AU / e-Synergies Security Advisory
|| August 8, 2001
||
|| Internal IP Address Disclosure in Microsoft-IIS 4.0 &
|| 5.0
||
|| Synopsis:

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC