Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0649

CWE-200 — Information Exposure7 documents5 sources

Severity

2.6LOW

EPSS

63.0%

top 1.61%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Internet Information Server Microsoft Internet Information Services

Timeline

PublishedJul 13

Latest updateApr 30

Description

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/internet_information_server3.0, 4.0+1

▶NVDmicrosoft/internet_information_services2.0, 5.0+1

Patches

Patch: archives.neohapsis.com ↗Patch: www.securityfocus.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-rv5h-jg6x-f3vp: IIS 4↗2022-04-30

▶

CVEList

CVE-2000-0649: IIS 4↗2000-08-03

▶

💥Exploits & PoCs

Exploit-DB

Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit)↗2010-04-30

▶

Exploit-DB

Microsoft SQL Server 2000 - Resolution Service Heap Overflow↗2002-07-25

▶

Exploit-DB

Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure↗2000-07-13

▶

Metasploit

Microsoft IIS HTTP Internal IP Disclosure↗

▶