CVE-ID

CVE-2000-0649

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20000802 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20000803)
Votes (Legacy)
ACCEPT(2) LeBlanc, Levy
MODIFY(1) Frech
NOOP(1) Cole
REVIEWING(2) Christey, Wall
Comments (Legacy)
 Christey> ADDREF http://support.microsoft.com/support/kb/articles/Q218/1/80.ASP
   
   Change description to point out that the internal IP address
   exposure is due to the default configuration as opposed to
   a bug.
 Frech> XF:iis-internal-ip-disclosure(5106)
 CHANGE> [Christey changed vote from NOOP to REVIEWING]
 Christey> There are two variants of the same type of issue here.  The
   KB article shows that IIS 4.0 reveals the IP address in a
   Content-Location MIME header field.  The NTBugtraq article
   says that the IP address is shown in the WWW-Authenticate
   MIME header.  Which one has been fixed, or both, and when?
 Christey> MSKB:Q218180 identifies a problem in which IIS returns the
   info in a Content-Location header, but the authentication
   realm problem is not specifically mentioned.  Are these the
   same problem?

Proposed (Legacy)
20000803
This is an entry on the CVE list, which standardizes names for security problems.