Penetration Testing mailing list archives

assessing IIS 5.0

From: "vijay shetti" <vijay.shetti () gmail com>
Date: Mon, 4 Sep 2006 13:29:01 +0530

Hello all!!

During web assessment of one our clients I came to know that IIS 5.0
has internal IP address disclosure vuln...
But what to do next?What rank should i give it ,is it a medium risk or low risk.


regards,
Vijay

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

assessing IIS 5.0 vijay shetti (Sep 05)
- Re: assessing IIS 5.0 Joey Peloquin (Sep 05)
- <Possible follow-ups>
- RE: assessing IIS 5.0 Butler, Theodore (Sep 05)
  - Re: assessing IIS 5.0 Robert E. Lee (Sep 05)
- Re: assessing IIS 5.0 pratiksha . doshi (Sep 05)
- RE: assessing IIS 5.0 Butler, Theodore (Sep 05)
- RE: assessing IIS 5.0 Shenk, Jerry A (Sep 05)