Home page logo
/

pen-test logo Penetration Testing mailing list archives

Fix for Internal IP address leak in OWA. (Very old)
From: "wirepair" <wirepair () roguemail net>
Date: Wed, 04 Feb 2004 11:44:25 -0800

lo all,
I realize i'm starting to sound like a broken record, but after searching for an hour or two and coming up with
nothing regarding the vulnerability found in 2001 for the GET /folder HTTP/1.0 leaks internal ip. I found that the
suggested fixes only worked for a regular IIS installation. OWA was completely different and I had to take pretty
drastic steps to stop the information leak.
Any ways here are my results and I hope this helps someone out there :)
http://sh0dan.org/files/owaipleakfix.html
-wire
--
Visit Things From Another World for the best
comics, movies, toys, collectibles and more.
http://www.tfaw.com/?qt=wmf

---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Fix for Internal IP address leak in OWA. (Very old) wirepair (Feb 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]