|
|
CVE Reference: CVE-2005-2678 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2678 |
|
|
Description: Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA16548 MISC http://ingehenriksen.blogspot.com/2005/08/remote-iis-5x-and-iis-60-server-name.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=112474727903399&w=2 |
|
| Return to the previous page. |
