CVE-2000-0649
Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure
Severity Score
2.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
5
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Collect any leaked internal IPs by requesting commonly redirected locations from IIS. CVE-2000-0649 references IIS 5.1 (win2k, XP) and older. However, in newer servers such as IIS 7+, this occurs when the alternateHostName is not set or misconfigured. Also collects internal IPs leaked from the PROPFIND method in certain IIS versions.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2000-07-13 CVE Published
- 2000-07-13 First Exploit
- 2000-08-02 CVE Reserved
- 2023-03-08 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (8)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/20096 | 2000-07-13 | |
https://github.com/rafaelh/CVE-2000-0649 | 2024-04-01 | |
https://github.com/Downgraderz/PoC-CVE-2000-0649 | 2024-06-18 | |
http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html | 2024-08-08 | |
http://www.securityfocus.com/bid/1499 | 2024-08-08 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Internet Information Server Search vendor "Microsoft" for product "Internet Information Server" | 3.0 Search vendor "Microsoft" for product "Internet Information Server" and version "3.0" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Information Server Search vendor "Microsoft" for product "Internet Information Server" | 4.0 Search vendor "Microsoft" for product "Internet Information Server" and version "4.0" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Information Services Search vendor "Microsoft" for product "Internet Information Services" | 2.0 Search vendor "Microsoft" for product "Internet Information Services" and version "2.0" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Internet Information Services Search vendor "Microsoft" for product "Internet Information Services" | 5.0 Search vendor "Microsoft" for product "Internet Information Services" and version "5.0" | - |
Affected
|