SERVER-IIS -- Snort has detected traffic exploiting vulnerabilities in Microsoft IIS Web Servers.
SERVER-IIS Microsoft Windows IIS source code disclosure attempt
Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost. Impact: CVSS base score 5.0 CVSS impact score 2.9 CVSS exploitability score 10.0 confidentialityImpact PARTIAL integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
Server-Side Request Forgery
Server-Side Request Forgery (SSRF) attackers abuse functionality on the server to read or update internal resources. The attacker can supply or modify a URL for the server to read or submit data to. By carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like http enabled databases or perform post requests for internal services which are not intended to be exposed.
CVE-2005-2678 |
Loading description
|
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
