OSVDB ID: 13431

Title: Microsoft IIS WebDAV Malformed PROPFIND Request Internal IP Disclosure

Dates

Disclosure: Mar 05, 2002
Discovery: Unknown
Exploit: Mar 05, 2002
Solution: Unknown

Description

Microsoft IIS with WebDAV contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker supplies a malformed PROPFIND request containing an empty Host: header, which will disclose the server's internal IP address.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Open a command prompt and change the current directory to c:\inetpub\adminscripts or to where the adminscripts can be found. Run the commands:

    adsutil set w3svc/UseHostName True
    net stop iisadmin /y
    net start w3svc

Products

Vendor: Microsoft Corporation
Product: Internet Information Server
Versions: 4, 5, 5.1

References

Credit

  • David Litchfield - mnemonixGLOBALNET.CO.UK - Personal Page


Direct URL: http://osvdb.org/13431