Private IP Address Leaked in HTTP Headers - Microsoft Community

-

i running issue, "private ip address leaked in http headers" vulnerabilities being detected. version of iis being utilized iis7, , used following link/command troubleshoot issue. 

https://blogs.msdn.microsoft.com/mike/2008/11/18/removing-an-iis-servers-ip-address-from-http-responses/

appcmd.exe set config -section:system.webserver/serverruntime /alternatehostname:”myserver”  /commit:apphost

originally, vulnerable url https://x.x.x.x/autodiscover. after applying above command, , while replacing "myserver" address on cas server, re-ran vulnerability scan. vulnerability still present, vulnerable url now https://x.x.x.x/autodiscover/autodiscover.xml. 

the other troubleshooting steps have found related iis6, not compatible iis7, since seem involve metabase. suggestions or resolutions appreciated. 

hi,

your question outside scope of community.

would kindly repost question:

"iis.net forums"

https://forums.iis.net/

technet forums:

https://social.technet.microsoft.com/forums/en-us/home

msdn forums:

https://social.msdn.microsoft.com/forums/en-us/home

cheers.



Windows / Other/Unknown / Security & privacy



Comments

Post a Comment

Popular posts from this blog

ClipUp.exe 100% CPU at boot only - Microsoft Community

-
recently i'm having problems fresh installation of windows 10 pro (3 day ago) win 7 pro key, dont have problems license, , system date, latest drivres versions of programs, said, it's fresh install (the previous installation reason started throwing bsod every time logged in account (by way use local accounts, if thats important problem))  so case is 1.- boot pc 2.- log in 3.- pc usable @ maximum of 1 minute, , open task manager(ctrl+shift+esc)(meanwhile spotify , steam opens , open on boot programs) 4.- pc frozen or unusable (the mouse struggles move , reacts 3 seconds later) 5.- in task manager "client license platform migration tool"(clipup.exe) has 100% of cpu (all 8 cores) "solution" a: try interact task manager , close god damn program , voila can use pc "solution" b: wait 15 20 minutes until program stops running , can use pc i found people "fixed" deleting program tried , cant delet
Read more

Error 8233 Microsoft Windows security -spp - Microsoft Community

-
log name:      application source:        microsoft-windows-security-spp date:          26-mar-17 5:52:03 pm event id:      8233 task category: none level:         warning keywords:      classic user:          n/a computer:       description: rules engine reported failed vl activation attempt. reason:0xc004f074 appid = 0ff1ce15-a989-479d-af46-f275c6370663, skuid = b322da9c-a2e2-4058-9e4e-f59a6970bd69 trigger=timerevent event xml: <event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">   <system>     <provider name="microsoft-windows-security-spp" guid="{e23b33b0-c8c9-472c-a5f9-f2bdfea0f156}" eventsourcename="software protection platform service" />     <eventid qualifiers="16384">8233</eventid> Windows / Other/Unknown
Read more