POC详情: 00eba119419cdccb5ed4fb0bbfcfdcb4f8f2d6c3

来源
https://github.com/stevenvegar/cve-2000-0649
关联漏洞
标题: Microsoft Internet Information Services 信息泄露漏洞 (CVE-2000-0649)
描述:Microsoft Internet Information Services(IIS)是美国微软(Microsoft)公司的一款适用于Windows Server平台的Web服务器。 Microsoft Internet Information Services 4.0版本存在信息泄露漏洞。远程攻击者可以借助被基本认证保护并且无区域定义的网页的HTTP 1.0请求来获得服务器的内部IP地址。
描述
Script fo testing CVE-2000-0649 for Apache and MS IIS servers
介绍
# CVE-2000-0649 for Apache
CVE-2000-0649 is a low risk vulnerability that can potentially disclose the internal IP addresses of the server from the Location parameter in the respose header. Official details are here:

* Rapid7:
https://www.rapid7.com/db/modules/auxiliary/scanner/http/iis_internal_ip/
* CVE:
https://www.cvedetails.com/cve/CVE-2000-0649/
* NIST:
https://nvd.nist.gov/vuln/detail/CVE-2000-0649

The vulnerability has been seen to be exploited on Microsoft IIS Servers, from 2.0 to 5.0 versions, but it hasn't been reported for Apache.

This script is made as PoC to extract local IP address of Apache 2.4.29 server, but it hasn't been tested on newer versions.

The following is a screenshot taken for this vulnerability.

![Poc Tested](poc-tested.png)

Reference:

Security Tracker Archives:
https://securitytracker.com/id/1002188
文件快照

 [4.0K]  /data/pocs/00eba119419cdccb5ed4fb0bbfcfdcb4f8f2d6c3
├── [2.7K]  cve-2000-0649.py
├── [101K]  poc-tested.png
└── [ 849]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。