Private IP Address Leaked Using The PROPFIND Method Network Vulnerability

Summary

The remote web server leaks a private IP address through the WebDAV interface. If this web server is behind a Network Address Translation (NAT) firewall or proxy server, then the internal IP addressing scheme has been leaked. This is typical of IIS 5.0 installations that are not configured properly. Detail: http://www.nextgenss.com/papers/iisrconfig.pdf

Solution

see http://support.microsoft.com/default.aspx?scid=KB%3BEN-US%3BQ218180&ID=KB%3BEN-US%3BQ218180

Severity

Classification

CVE CVE-2002-0422

CVSS	Base Score: 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Availability of scanner helper tools
Comodo Internet Security Race Condition Vulnerability-02
Misc information on News server
Check SSL Weak Ciphers and Supported Ciphers
Compaq WBEM Server Detection

Private IP address Leaked using the PROPFIND method

Take action and discover your vulnerabilities