CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-0649

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.587

EPSS Ranking 98.1%

CVSS Severity

CVSS v2 Score 2.6

References

http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html
http://www.securityfocus.com/bid/1499
http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0025.html
http://www.securityfocus.com/bid/1499

Products affected by CVE-2000-0649

Microsoft » Internet Information Server » Version: 3.0

cpe:2.3:a:microsoft:internet_information_server:3.0
Microsoft » Internet Information Server » Version: 4.0

cpe:2.3:a:microsoft:internet_information_server:4.0
Microsoft » Internet Information Services » Version: 2.0

cpe:2.3:a:microsoft:internet_information_services:2.0
Microsoft » Internet Information Services » Version: 5.0

cpe:2.3:a:microsoft:internet_information_services:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0649

Products

Pricing

Contact Us