Microsoft IIS Cookie information disclosure

medium Nessus Plugin ID 12229

Language:

Synopsis

The remote web server is affected by an information disclosure vulnerability.

Description

The remote host is running Microsoft IIS with what appears to be a a vulnerable disclosure of cookie usage. That is, when sent a Cookie with the '=' character, Microsoft IIS will either respond with an error (if actually processing the cookie via a specific asp page) or disclose information of the .inc file used. This can be used to map applications which are processing cookies.

Solution

Configure IIS to return custom error pages.

See Also

https://seclists.org/fulldisclosure/2004/May/261

Plugin Details

Severity: Medium

ID: 12229

File Name: ms_invalid_cookie.nasl

Version: 1.17

Type: remote

Family: Web Servers

Published: 5/6/2004

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 5/6/2004