|
Family: General --> Category: infos
Private IP address Leaked using the PROPFIND method Vulnerability Scan
Vulnerability Scan Summary Checks for private IP addresses in PROPFIND response
Detailed Explanation for this Vulnerability Test
The remote web server leaks a private IP address through the WebDAV interface. If this
web server is behind a Network Address Translation (NAT) firewall or proxy server, then
the internal IP addressing scheme has been leaked.
This is typical of IIS 5.0 installations that are not configured properly.
Detail: http://www.nextgenss.com/papers/iisrconfig.pdf
Solution: see http://support.microsoft.com/default.aspx?scid=KB%3BEN-US%3BQ218180&ID=KB%3BEN-US%3BQ218180
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|