Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 23/08/2005 Updated: 23/11/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Internet Information Server

Microsoft IIS 5.1 and 6 allows remote malicious users to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an localhost URI, which makes it appear as if the request is coming from localhost.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet information server 6.0
microsoft internet information services 5.0

NVD-CWE-Other http://ingehenriksen.blogspot.com/2005/08/remote-iis-5x-and-iis-60-server-name.html http://secunia.com/advisories/16548 http://www.vupen.com/english/advisories/2005/1503 http://marc.info/?l=bugtraq&m=112474727903399&w=2 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2678

Vulnerability Summary

References

Vulmon Search

About

Products

Connect