PCI compliance scan is failing because of this. I'm aware of adjustments that need to be made for 2003, but this is on an SBS 2008. Anybody have any ideas for a fix? RWW must be enabled; users need it, so that is not an option.
Description: Microsoft IIS Authentication Method Disclosed
Host: remote.mbros.com 67.139.88. Server 2008 Feb 22 14:46:38 2011 new
Severity: Area of Concern
CVE: CVE-2002-0419 5.0 2738 new 11
Impact: An attacker could determine which authentication scheme is required for confidential web pages. This can be used for brute force attacks against known User IDs.
Background: Microsoft IIS web servers support Basic and NTLM authentication. Determination of which authentication is used by a server may help with further intelligent attacks against the server or brute force password attacks.
Resolution: Use fix information in http://seclists.org/bugtraq/2002/Mar/0094.html (Considerations for IIS authentication).
Vulnerability Details:
Service: https
Sent:
GET / HTTP/1.1
Host: remote.mbros.com
Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAAAAAAAAA=
Received: 401 Unauthorized returned indicating NTLM Authentication
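The scanner's check, reproduced as an added example (not from the original post or from the scanner vendor): it builds the same kind of NTLM Type 1 message the scan sent, so you can see what was in that base64 blob, and it classifies a 401 response by the WWW-Authenticate schemes it carries. The flag value 0xA0008207 is decoded from the "B4IAoA" bytes of the request shown above; the 401 response and the empty domain/workstation fields are constructed assumptions, and the real hostname is only used by the optional live `probe()` helper, which the offline run never calls.

```python
"""Reproduce the IIS authentication-method probe offline.

Added example, not part of the original post. The 401 response below
is a constructed sample; the NTLM NEGOTIATE_MESSAGE layout ([MS-NLMP])
and the Negotiate/NTLM/Basic header names are real.
"""
import base64
import http.client
import struct

NTLMSSP_SIGNATURE = b"NTLMSSP\x00"
NEGOTIATE_MESSAGE = 1

# Flags carried by the scanner's Type 1 blob: "B4IAoA" decodes to the
# little-endian bytes 07 82 00 A0, i.e. 0xA0008207.
PROBE_FLAGS = 0xA0008207

FLAG_NAMES = {
    0x00000001: "NEGOTIATE_UNICODE",
    0x00000002: "NEGOTIATE_OEM",
    0x00000004: "REQUEST_TARGET",
    0x00000200: "NEGOTIATE_NTLM",
    0x00008000: "NEGOTIATE_ALWAYS_SIGN",
    0x20000000: "NEGOTIATE_128",
    0x80000000: "NEGOTIATE_56",
}


def build_type1(flags=PROBE_FLAGS):
    """Minimal NTLM NEGOTIATE_MESSAGE: no domain or workstation name.

    Signature(8) + MessageType(4) + NegotiateFlags(4) +
    DomainNameFields(8) + WorkstationFields(8) = 32 bytes.
    Empty fields are all zero (assumption, matching the scan's blob).
    """
    empty_field = struct.pack("<HHI", 0, 0, 0)  # len, maxlen, offset
    return (NTLMSSP_SIGNATURE
            + struct.pack("<II", NEGOTIATE_MESSAGE, flags)
            + empty_field + empty_field)


def type1_header(flags=PROBE_FLAGS):
    """Value of the Authorization header the scanner sends."""
    return "Negotiate " + base64.b64encode(build_type1(flags)).decode()


def parse_type1(blob):
    """Return (flags, flag names) of a Type 1 message, or raise ValueError."""
    if len(blob) < 16 or blob[:8] != NTLMSSP_SIGNATURE:
        raise ValueError("not an NTLMSSP message")
    msg_type, flags = struct.unpack_from("<II", blob, 8)
    if msg_type != NEGOTIATE_MESSAGE:
        raise ValueError("not a NEGOTIATE_MESSAGE")
    return flags, [name for bit, name in FLAG_NAMES.items() if flags & bit]


def auth_schemes(status, headers):
    """Schemes offered by a 401; headers is a list of (name, value) pairs."""
    if status != 401:
        return []
    schemes = []
    for name, value in headers:
        if name.lower() == "www-authenticate":
            scheme = value.split(None, 1)[0]  # "NTLM <challenge>" -> "NTLM"
            if scheme not in schemes:
                schemes.append(scheme)
    return schemes


def assess(status, headers, tls=True):
    """Classify the response the way the scan report does."""
    schemes = auth_schemes(status, headers)
    findings = []
    if any(s in ("NTLM", "Negotiate") for s in schemes):
        findings.append("NTLM/Negotiate authentication disclosed")
    if "Basic" in schemes:
        findings.append("Basic authentication offered"
                        + ("" if tls else " over cleartext HTTP"))
    return schemes, findings


def probe(host, port=443, path="/"):
    """Live version of the scanner's request (never called offline)."""
    conn = http.client.HTTPSConnection(host, port, timeout=10)
    conn.request("GET", path,
                 headers={"Host": host, "Authorization": type1_header()})
    resp = conn.getresponse()
    return resp.status, resp.getheaders()


# Constructed sample: what an IIS 7 site with Windows Authentication
# enabled typically answers to an unauthenticated GET.
SAMPLE_401 = (401, [
    ("Content-Type", "text/html"),
    ("Server", "Microsoft-IIS/7.0"),
    ("WWW-Authenticate", "Negotiate"),
    ("WWW-Authenticate", "NTLM"),
    ("X-Powered-By", "ASP.NET"),
])

if __name__ == "__main__":
    print(type1_header())
    print(parse_type1(build_type1()))
    print(assess(*SAMPLE_401))
```

Running the module prints the full 44-character Type 1 blob, which starts with the same "TlRMTVNTUAABAAAAB4IAoA" prefix as the scan's request; `probe("remote.mbros.com")` repeats the scanner's live request so the 401 and its WWW-Authenticate headers can be inspected directly after any configuration change.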