Lucene search

K
nvd[email protected]NVD:CVE-2000-0649
HistoryJul 13, 2000 - 4:00 a.m.

CVE-2000-0649

2000-07-1304:00:00
CWE-200
web.nvd.nist.gov
1

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

72.3%

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.

Affected configurations

NVD
Node
microsoftinternet_information_serverMatch3.0
OR
microsoftinternet_information_serverMatch4.0
OR
microsoftinternet_information_servicesMatch2.0
OR
microsoftinternet_information_servicesMatch5.0

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

72.3%

Related for NVD:CVE-2000-0649