Solved

Vulnerability CVE-2000-0649 CVE-2002-0419 Windows 2008 r2 with IIS7.5 express

Posted on 2014-09-30
1
1,041 Views
Last Modified: 2014-10-01
I am getting this vulnerability and after some research, I found that this issue is just relating to IIS6 and lower. Is this true or is there a patch for IIS7.5?

CVE-2000-0649 CVE-2002-0419
Web Server Internal IP address or network name available
0
Comment
Question by:Larry Kiterling
1 Comment
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 40353763
Here is the test
telnet target 80
Trying target...
Connected to target.
Escape character is '^]'.
HEAD /directory HTTP/1.0[CRLF]
[CRLF]
if you have the vulnerability you will receive the following

HTTP/1.1 401 Access Denied
WWW-Authenticate: Basic realm="<Internal IP Address>"
Content-Length: 644
Content-Type: text/html
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction I've been in the software industry for over 20 years. I've interviewed at lots of companies, from start ups in stealth mode to some of the biggest and most successful. I've also conducted lots of interviews, especially as I've become a…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question