Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Information Services 信息泄露漏洞
Vulnerability Description
Microsoft Internet Information Services(IIS)是美国微软(Microsoft)公司的一款适用于Windows Server平台的Web服务器。 Microsoft IIS 5和5.1版本存在信息泄露漏洞,该漏洞源于IIS支持WebDAV类函数。远程攻击者可以借助带有空头的PROPFIND HTTP请求泄漏207多状态响应地址或WRITE或MKCOL类函数泄漏位置服务器头的IP。
CVSS Information
N/A
Vulnerability Type
N/A