CVE-2002-0422

Microsoft Internet Information Services - Information Disclosure

Title source: rule

Description

IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header.

Exploits (2)

metasploit WORKING POC

by Heather Pilkington, Matthew Dunn - k0pak4 · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/iis_internal_ip.rb

View Code ZIP pw:eip

metasploit SCANNER

by et · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/webdav_internal_ip.rb

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/13431

[Third Party Advisory] http://www.iss.net/security_center/static/8385.php

[Mailing List] http://marc.info/?l=bugtraq&m=101536634207324&w=2

[Mailing List] http://marc.info/?l=ntbugtraq&m=101535147125320&w=2

Scores

EPSS 0.6259

EPSS Percentile 98.4%

Details

CWE

CWE-200

Status published

Products (1)

microsoft/internet_information_services 5.0

Published Aug 12, 2002

Tracked Since Feb 18, 2026