From: wirepair (wirepair@roguemail.net)
Date: Wed Feb 04 2004 - 14:44:25 EST
lo all,
I realize i'm starting to sound like a broken record, but after searching for an hour or two and coming up with
nothing regarding the vulnerability found in 2001 for the GET /folder HTTP/1.0 leaks internal ip. I found that the
suggested fixes only worked for a regular IIS installation. OWA was completely different and I had to take pretty
drastic steps to stop the information leak.
Any ways here are my results and I hope this helps someone out there :)
http://sh0dan.org/files/owaipleakfix.html
-wire
-- Visit Things From Another World for the best comics, movies, toys, collectibles and more. http://www.tfaw.com/?qt=wmf --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:47 EDT