Web Server HTTP Header Internal IP Disclosure

This script is Copyright (C) 2001-2012 Alert4Web.com, 2003 Westpoint Ltd


Synopsis :

This web server leaks a private IP address through its HTTP headers.

Description :

This may expose internal IP addresses that are usually hidden or
masked behind a Network Address Translation (NAT) Firewall or proxy
server.

There is a known issue with Microsoft IIS 4.0 doing this in its default
configuration. This may also affect other web servers, web applications,
web proxies, load balancers and through a variety of misconfigurations
related to redirection.

See also :

http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html
http://support.microsoft.com/default.aspx?scid=kb
EN-US
Q218180
http://support.microsoft.com/default.aspx?scid=kb
EN-US
834141

Solution :

None

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 2.6
(CVSS2#E:H/RL:U/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 10759 (iis_nat.nasl)

Bugtraq ID: 1499

CVE ID: CVE-2000-0649