Microsoft IS error pages information leak

2005-08-2300:00:00

BUGTRAQ

vulners.com

Request variable SERVER_NAME controllable by client is used to validate server access.

CPENameOperatorVersion
internet information servereq5.1
internet information servereq6.0
internet information servereq5.0

Name	Operator	Version
internet information server	eq	5.1
internet information server	eq	6.0
internet information server	eq	5.0

References

vulners.com/securityvulns/securityvulns:doc:9557