Web Server PROPFIND Method Internal IP Disclosure
Low Nessus Plugin ID 12113
SynopsisThis web server leaks a private IP address through its WebDAV interface.
DescriptionThe remote installation of IIS leaks a private IP address through the WebDAV interface. This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server.
This is typical of IIS installations that are not configured properly.
SolutionConsult Microsoft's KB article for steps to resolve the issue.