• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1361
  • Last Modified:

Vulnerability CVE-2000-0649 CVE-2002-0419 Windows 2008 r2 with IIS7.5 express

I am getting this vulnerability and after some research, I found that this issue is just relating to IIS6 and lower. Is this true or is there a patch for IIS7.5?

CVE-2000-0649 CVE-2002-0419
Web Server Internal IP address or network name available
0
Larry Kiterling
Asked:
Larry Kiterling
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
Here is the test
telnet target 80
Trying target...
Connected to target.
Escape character is '^]'.
HEAD /directory HTTP/1.0[CRLF]
[CRLF]
if you have the vulnerability you will receive the following

HTTP/1.1 401 Access Denied
WWW-Authenticate: Basic realm="<Internal IP Address>"
Content-Length: 644
Content-Type: text/html
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now