Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Packet Storm
Packet Stormadded 2024/09/01 12:0 a.m.604 views

Microsoft IIS HTTP Internal IP Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS HTTP Internal IP Disclosure', 'Description' = %q Collect any leaked internal IPs by requesting commonly redirected locations from...

2.6CVSS7AI score0.77076EPSS
Exploits4
Metasploit
Metasploitadded 2012/02/20 4:44 a.m.160 views

Microsoft IIS HTTP Internal IP Disclosure

Collect any leaked internal IPs by requesting commonly redirected locations from IIS. CVE-2000-0649 references IIS 5.1 win2k, XP and older. However, in newer servers such as IIS 7+, this occurs when the alternateHostName is not set or misconfigured. Also collects internal IPs leaked from the...

2.6CVSS6.4AI score0.77076EPSS
Exploits4
CVE
CVEadded 2000/08/03 4:0 a.m.446 views

CVE-2000-0649

CVE-2000-0649 describes an HTTP internal IP disclosure in IIS 4.0: an attacker can obtain the server’s private IP by requesting a page protected with Basic Authentication (no realm) via HTTP/1.0. Connected documents (Metasploit IIS_INTERNAL_IP module, Nessus/Nessus-like plugin, OpenVAS NASL) corr...

2.6CVSS6.9AI score0.77076EPSS
Exploits3References2Affected Software2
Rows per page
Query Builder