Solved

Vulnerability CVE-2000-0649 CVE-2002-0419 Windows 2008 r2 with IIS7.5 express

Posted on 2014-09-30
1
1,016 Views
Last Modified: 2014-10-01
I am getting this vulnerability and after some research, I found that this issue is just relating to IIS6 and lower. Is this true or is there a patch for IIS7.5?

CVE-2000-0649 CVE-2002-0419
Web Server Internal IP address or network name available
0
Comment
Question by:Larry Kiterling
1 Comment
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 40353763
Here is the test
telnet target 80
Trying target...
Connected to target.
Escape character is '^]'.
HEAD /directory HTTP/1.0[CRLF]
[CRLF]
if you have the vulnerability you will receive the following

HTTP/1.1 401 Access Denied
WWW-Authenticate: Basic realm="<Internal IP Address>"
Content-Length: 644
Content-Type: text/html
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question