Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0105

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0105
Last Modified 05 Sep 2008 04:33:29
Published 28 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0105

Summary

ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.

Vulnerable Systems

Application

  • Port80 Software Servermask 2.2


References

XF - servermask-header-obtain-info(16947)

MISC - http://www.corsaire.com/advisories/c030224-001.txt

BUGTRAQ - 20040810 Corsaire Security Advisory - Port80 Software ServerMask inconsistencies


Last Updated: 27 May 2016 10:37:47