SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Server/CGI)  >   Microsoft Internet Information Server (IIS) Web Server Vendors:   Microsoft
(HTTP is Also Affected) Re: Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users
SecurityTracker Alert ID:  1002170
SecurityTracker URL:  http://securitytracker.com/id/1002170
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Aug 10 2001
Impact:   Disclosure of system information

Version(s): 4.0 with SSL, 5.0 with SSL
Description:   A vulnerability was reported by e-Synergies in Microsoft's IIS web server that allows remote users to determine internal IP addresses used by the web server or internal NetBIOS host names used by the web server.

eEye Digital Security reports that this vulnerability may also affect IIS running HTTP, not just SSL, depending on how the web server is configured.

For the original report, see the Message History.

Impact:   A remote user can determine internal IP addresses used by the web server or internal NetBIOS host names used by the web server.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.microsoft.com/technet/security/ (Links to External Site)
Cause:   State error
Underlying OS:  Windows (NT), Windows (2000)

Message History:   This archive entry is a follow-up to the message listed below.
Aug 8 2001 Microsoft Internet Information Server (IIS) Web Server Discloses Internal IP Addresses or NetBIOS Host Names to Remote Users



 Source Message Contents

Subject:  RE: Internal IP Address Disclosure in Microsoft-IIS 4.0 & 5.0


this isnt just for HTTPS... this can occur on plain HTTP also depending on
how someone has setup. If you have an IIS web server you should not use "all
ip addresses" for a web and instead pick the specific IP so that way IIS
does not accidently return internal IP's etc....

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Web Application Firewall

|| -----Original Message-----
|| From: marek_roy@hotmail.com [mailto:marek_roy@hotmail.com]
|| Sent: Tuesday, August 07, 2001 9:55 PM
|| To: bugtraq@securityfocus.com
|| Subject: Internal IP Address Disclosure in Microsoft-IIS 4.0 & 5.0
||
||
|| GGS-AU / e-Synergies Security Advisory
|| August 8, 2001
||
|| Internal IP Address Disclosure in Microsoft-IIS 4.0 &
|| 5.0
||
|| Synopsis:

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC