header-logo
Suggest Exploit
vendor:
IIS
by:
SecurityFocus
7.5
CVSS
HIGH
Microsoft IIS TRACK Logging
200
CWE
Product Name: IIS
Affected Version From: Microsoft IIS 4.0
Affected Version To: Microsoft IIS 5.1
Patch Exists: YES
Related CWE: CVE-2003-0533
CPE: a:microsoft:iis
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2003

Microsoft IIS TRACK Logging

Microsoft IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this condition in order to enumerate server banners.

Mitigation:

Microsoft has released a patch to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9313/info

A vulnerability has been reported to affect Microsoft IIS. It has been reported that IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this condition in order to enumerate server banners. 

TRACK / HTTP/1.0 [\r\r]

Navigation

Suggest Exploit

Services By CQR