Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Fix for Internal IP address leak in OWA. (Very old)
.

  • To: [EMAIL PROTECTED]
  • Subject: Fix for Internal IP address leak in OWA. (Very old)
  • From: "wirepair" <[EMAIL PROTECTED]>
  • Date: Wed, 04 Feb 2004 11:44:25 -0800
.
 
lo all,
I realize i'm starting to sound like a broken record, but after searching for an hour or two and coming up with
nothing regarding the vulnerability found in 2001 for the GET /folder HTTP/1.0 leaks internal ip. I found that the
suggested fixes only worked for a regular IIS installation. OWA was completely different and I had to take pretty
drastic steps to stop the information leak.
Any ways here are my results and I hope this helps someone out there :)
http://sh0dan.org/files/owaipleakfix.html
-wire
--
Visit Things From Another World for the best
comics, movies, toys, collectibles and more.
http://www.tfaw.com/?qt=wmf

---------------------------------------------------------------------------
----------------------------------------------------------------------------
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.