Re: IIS Internal IP disclosure

From: Renaud Deraison (deraisonat_private)
Date: Wed Feb 26 2003 - 12:23:13 PST

Next message: John Q. Public: "RE: Send control character in telnet from NASL?"

Previous message: Alex Zimin: "Re: IIS Internal IP disclosure"
In reply to: Alex Zimin: "Re: IIS Internal IP disclosure"
Next in thread: H D Moore: "Re: IIS Internal IP disclosure"
Reply: H D Moore: "Re: IIS Internal IP disclosure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 26, 2003 at 10:35:19AM -0800, Alex Zimin wrote:
> My script is not running check on the main page or looking for
> redirections, but rather sends a
> "HEAD /existingIISdirectoryname HTTP/1.0" request to IIS, which reveals
> IIS IP address if IIS is not properly configured.
> 
> This script is not something new, but rather an addition to an existing
> iis_nat script to increase Nessus chances of detecting internal IIS IP
> address which is a security risk and where iis_nat.nasl will miss find it.

Then I'd prefer you to send a patch for the iis_nat.nasl plugin so that
it does a proper check please.


				-- Renaud

Next message: John Q. Public: "RE: Send control character in telnet from NASL?"
Previous message: Alex Zimin: "Re: IIS Internal IP disclosure"
In reply to: Alex Zimin: "Re: IIS Internal IP disclosure"
Next in thread: H D Moore: "Re: IIS Internal IP disclosure"
Reply: H D Moore: "Re: IIS Internal IP disclosure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 26 2003 - 12:25:40 PST