Penetration Testing mailing list archives
RE: assessing IIS 5.0
From: "Shenk, Jerry A" <jshenk () decommunications com>
Date: Tue, 5 Sep 2006 07:22:04 -0400
I'd vote for low. There really is nothing you can do with that information on it's own BUT, in conjunction with other info, it can be a big deal. -----Original Message----- From: vijay shetti [mailto:vijay.shetti () gmail com] Sent: Monday, September 04, 2006 3:59 AM To: pen-test () securityfocus com Subject: assessing IIS 5.0 Hello all!! During web assessment of one our clients I came to know that IIS 5.0 has internal IP address disclosure vuln... But what to do next?What rank should i give it ,is it a medium risk or low risk. regards, Vijay ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------ **DISCLAIMER This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- assessing IIS 5.0 vijay shetti (Sep 05)
- Re: assessing IIS 5.0 Joey Peloquin (Sep 05)
- <Possible follow-ups>
- RE: assessing IIS 5.0 Butler, Theodore (Sep 05)
- Re: assessing IIS 5.0 Robert E. Lee (Sep 05)
- Re: assessing IIS 5.0 pratiksha . doshi (Sep 05)
- RE: assessing IIS 5.0 Butler, Theodore (Sep 05)
- RE: assessing IIS 5.0 Shenk, Jerry A (Sep 05)