Microsoft IIS Content Location Internal IP Address Disclosure
Publish Date: 18 agosto 2016
Gravità: : Alto
Descrizione
A vulnerability has been discovered in Microsoft IIS that may disclose the internal IP address or internal network name to remote attackers. This vulnerability can be exploited if an attacker connects to a host using HTTPS (typically on port 443) and crafts a specially formed GET request. Microsoft IIS will return a 302 Object Moved error message containing the internal IP address or internal network name of the server.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1005475