Re: assessing IIS 5.0

From: Joey Peloquin (joeyp@cotse.net)
Date: Tue Sep 05 2006 - 08:41:29 EDT


vijay shetti wrote:
> Hello all!!
>
> During web assessment of one our clients I came to know that IIS 5.0
> has internal IP address disclosure vuln...
> But what to do next?What rank should i give it ,is it a medium risk or
> low risk.
>
>
> regards,
> Vijay
It also affects several other versions of IIS, and is usually classified as
low risk.

-jp

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:54 EDT