Re: MS IIS Internal IP Address/Hostname Vulnerability

From: Bernard Cheah [MVP] (qbernard_at_hotmail.com.discuss)
Date: 06/15/05


Date: Wed, 15 Jun 2005 08:56:55 +0800

Are you using W2k3? If yes, get this hotfix or SP1:
FIX: IP address is revealed in the content-location field in the TCP header
in IIS 6.0
http://support.microsoft.com/?id=834141

-- 
Regards,
Bernard Cheah
http://www.microsoft.com/iis/
http://www.iiswebcastseries.com/
http://www.msmvps.com/bernard/
"SteveC" <SteveC@discussions.microsoft.com> wrote in message 
news:9358889D-F4E8-4B3C-AF00-CBB1EB0BB1F7@microsoft.com...
> My vulnerability scanner is flagging my OWA website because of the MS IIS
> Internal IP Address/Hostname Vulnerability. I have issued the following
> command "adsutil set w3svc/UseHostName True" and rebooted the server. The
> vulnerability scan no longer picks up the internal IP address. However, it
> picks up the INTERNAL hostname and still flags me for the same vulnerability.
> That leaves me in a catch-22. Set the flag to True and use the internal hostname
> or False and display the IP address. Anyone know a fix for this? How can I
> get it to show my EXTERNAL hostname or IP address?
> Thanks
> -- 
> Steve 
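
A check for the condition the scanner in this thread reports, added here as an example (it is not from either poster or from Microsoft): it parses a captured response head and flags a Content-Location value whose host is a private IP address or a name that is not on a list of published external names. The sample responses, the names `mail.example.com` and `MAILSRV01`, and the extra check of the `Location` header are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Headers whose value is a URL the server builds itself.
# Content-Location is the field named in the thread; Location is an added assumption.
URL_HEADERS = ("content-location", "location")

# Constructed sample response heads (not captured from a real server).
SAMPLE_IP = "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/6.0\r\nContent-Location: http://10.1.2.3/Default.htm\r\n\r\n"
SAMPLE_NAME = "HTTP/1.1 200 OK\r\nContent-Location: http://MAILSRV01/Default.htm\r\n\r\n"
SAMPLE_OK = "HTTP/1.1 200 OK\r\nContent-Location: http://mail.example.com/Default.htm\r\n\r\n"

def parse_headers(raw):
    """Parse a raw HTTP response head into {lowercased name: value}."""
    headers = {}
    for line in raw.replace("\r\n", "\n").split("\n")[1:]:  # skip the status line
        if not line.strip():
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def classify_host(host, external_names):
    """Return 'internal-ip', 'internal-hostname' or 'ok' for a URL host."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: accept only names published externally.
        return "ok" if host.lower() in external_names else "internal-hostname"
    return "internal-ip" if ip.is_private else "ok"

def find_leaks(raw, external_names):
    """List (header, host, verdict) for each URL header exposing an internal host."""
    findings = []
    headers = parse_headers(raw)
    for name in URL_HEADERS:
        host = urlsplit(headers.get(name, "")).hostname
        if host is None:
            continue  # header absent or relative URL: no host disclosed
        verdict = classify_host(host, external_names)
        if verdict != "ok":
            findings.append((name, host, verdict))
    return findings

if __name__ == "__main__":
    public = {"mail.example.com"}  # hypothetical external name, lowercase
    for sample in (SAMPLE_IP, SAMPLE_NAME, SAMPLE_OK):
        print(find_leaks(sample, public))
```

The internal-hostname verdict corresponds to the state described in the question after `UseHostName` is set to True: the IP address is gone but the server's own name is still returned.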

