Re: assessing IIS 5.0

From: Joey Peloquin (joeyp@cotse.net)
Date: Tue Sep 05 2006 - 08:41:29 EDT

• Next message: Shenk, Jerry A: "RE: assessing IIS 5.0"
• Previous message: mohanuagle@yahoo.co.in: "Re: Core Impact Vs Manual Pen Test"
• In reply to: vijay shetti: "assessing IIS 5.0"
• Next in thread: Shenk, Jerry A: "RE: assessing IIS 5.0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

vijay shetti wrote:
> Hello all!!
>
> During web assessment of one our clients I came to know that IIS 5.0
> has internal IP address disclosure vuln...
> But what to do next?What rank should i give it ,is it a medium risk or
> low risk.
>
>
> regards,
> Vijay
It also affects several other versions of IIS, and is usually classified as
low risk.

-jp

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

• Next message: Shenk, Jerry A: "RE: assessing IIS 5.0"
• Previous message: mohanuagle@yahoo.co.in: "Re: Core Impact Vs Manual Pen Test"
• In reply to: vijay shetti: "assessing IIS 5.0"
• Next in thread: Shenk, Jerry A: "RE: assessing IIS 5.0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:54 EDT