Vulnerabilities > CVE-2003-0105 - Unspecified vulnerability in Port80 Software Servermask

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
port80-software

Summary

ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.

Vulnerable Configurations

Part Description Count
Application
Port80_Software
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/34005/c030224-001.txt
idPACKETSTORM:34005
last seen2016-12-05
published2004-08-10
reporterCorsaire
sourcehttps://packetstormsecurity.com/files/34005/Corsaire-Security-Advisory-2003-02-24.1.html
titleCorsaire Security Advisory 2003-02-24.1