CVE-2003-1306 - CERT CVE
ID CVE-2003-1306
Sažetak Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response.
Reference
CVSS
Base: 2.6
Impact: 2.9
Exploitability:4.9
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:H/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje 05-09-2008 - 20:36
Objavljeno 31-12-2003 - 05:00