Web Server HTTP Header Internal IP Disclosure

This script is Copyright (C) 2001-2016 Alert4Web.com, 2003 Westpoint Ltd

Synopsis :

This web server leaks a private IP address through its HTTP headers.

Description :

This may expose internal IP addresses that are usually hidden or
masked behind a Network Address Translation (NAT) Firewall or proxy

There is a known issue with Microsoft IIS 4.0 doing this in its default
configuration. This may also affect other web servers, web applications,
web proxies, load balancers and through a variety of misconfigurations
related to redirection.

See also :


Solution :


Risk factor :

Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.6
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 10759 (iis_nat.nasl)

Bugtraq ID: 1499

CVE ID: CVE-2000-0649

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now