Sign-up

ID

VAR-200007-0038


CVE

CVE-2000-0649


TITLE

Microsoft Internet Information Services Information disclosure vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200007-036

DESCRIPTION

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined. Even if IIS is behind a firewall or NAT, it will disclose the true internal IP address to the remote user. The internal IP address may also be revealed through a HTTP request made with an empty host name. If a PROPFIND HTTP request is made, the message returned will include the IP address as part of the HREF header. The IP address may also be exposed through the WRITE or MKCOL methods, although they would not normally be exposed to the external network. Eg. telnet target 80 Trying target... Connected to target. Escape character is '^]'. HEAD /directory HTTP/1.0[CRLF] [CRLF] HTTP/1.1 401 Access Denied WWW-Authenticate: Basic realm="<Internal IP Address>" Content-Length: 644 Content-Type: text/html

Trust: 1.26

sources: NVD: CVE-2000-0649 // BID: 1499 // VULMON: CVE-2000-0649

AFFECTED PRODUCTS

vendor:microsoftmodel:internet information serverscope:eqversion:3.0

Trust: 1.6

vendor:microsoftmodel:internet information serverscope:eqversion:4.0

Trust: 1.6

vendor:microsoftmodel:internet information servicesscope:eqversion:5.0

Trust: 1.6

vendor:microsoftmodel:internet information servicesscope:eqversion:2.0

Trust: 1.0

vendor:microsoftmodel:internet information serverscope:eqversion:2.0

Trust: 0.6

vendor:microsoftmodel:internet information serverscope:eqversion:5.0

Trust: 0.6

vendor:microsoftmodel:iisscope:eqversion:5.1

Trust: 0.3

vendor:microsoftmodel:iisscope:eqversion:5.0

Trust: 0.3

vendor:microsoftmodel:iis alphascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:iisscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:iisscope:eqversion:3.0

Trust: 0.3

vendor:microsoftmodel:iisscope:eqversion:2.0

Trust: 0.3

sources: BID: 1499 // CNNVD: CNNVD-200007-036 // NVD: CVE-2000-0649

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-0649
value: LOW

Trust: 1.0

CNNVD: CNNVD-200007-036
value: LOW

Trust: 0.6

VULMON: CVE-2000-0649
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2000-0649
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

sources: VULMON: CVE-2000-0649 // CNNVD: CNNVD-200007-036 // NVD: CVE-2000-0649

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.0

sources: NVD: CVE-2000-0649

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200007-036

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-200007-036

EXPLOIT AVAILABILITY

sources:
            
            
            VULMON: CVE-2000-0649

PATCH
title:CVE-2000-0649url:https://github.com/rafaelh/CVE-2000-0649 
Trust: 0.1
title:win-iisadminurl:https://github.com/n-ventory/win-iisadmin 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2000-0649

EXTERNAL IDS
db:BIDid:1499
Trust: 2.0
db:NVDid:CVE-2000-0649
Trust: 2.0
db:CNNVDid:CNNVD-200007-036
Trust: 0.6
db:EXPLOIT-DBid:20096
Trust: 0.1
db:VULMONid:CVE-2000-0649
Trust: 0.1
sources:
            
            
            VULMON: CVE-2000-0649 // 
            
            
            
            BID: 1499 // 
            
            
            
            CNNVD: CNNVD-200007-036 // 
            
            
            
            NVD: CVE-2000-0649

REFERENCES
url:http://www.securityfocus.com/bid/1499
Trust: 1.8
url:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html
Trust: 1.7
url:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&a2=ind0007&l=ntbugtraq&f=&s=&p=3297
Trust: 0.3
url:http://support.microsoft.com/support/kb/articles/q218/1/80.asp
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://github.com/rafaelh/cve-2000-0649
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/20096/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2000-0649 // 
            
            
            
            BID: 1499 // 
            
            
            
            CNNVD: CNNVD-200007-036 // 
            
            
            
            NVD: CVE-2000-0649

CREDITS
Posted to NTBugtraq on July 13, 2000 by Dougal Campbell <dougal@GUNTERS.ORG>.
Trust: 0.9
sources:
            
            
            BID: 1499 // 
            
            
            
            CNNVD: CNNVD-200007-036

SOURCES
db:VULMONid:CVE-2000-0649
db:BIDid:1499
db:CNNVDid:CNNVD-200007-036
db:NVDid:CVE-2000-0649

LAST UPDATE DATE
2024-08-14T14:36:04.035000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2000-0649date:2020-11-23T00:00:00
db:BIDid:1499date:2009-07-11T02:56:00
db:CNNVDid:CNNVD-200007-036date:2021-08-16T00:00:00
db:NVDid:CVE-2000-0649date:2020-11-23T19:49:23.783

SOURCES RELEASE DATE
db:VULMONid:CVE-2000-0649date:2000-07-13T00:00:00
db:BIDid:1499date:2000-07-13T00:00:00
db:CNNVDid:CNNVD-200007-036date:2000-07-13T00:00:00
db:NVDid:CVE-2000-0649date:2000-07-13T04:00:00