The description of this vulnerability and the solutions for Apache and IIS are as follows. But I could not find any information about the Tomcat web server.
Thanks.

------------------------------------------------------
Vulnerability : Web Server Internal IP Address/Internal Network Name Disclosure Vulnerability
port 80/tcp

THREAT:
Some Web servers contain a vulnerability giving remote attackers the ability to attain your internal IP address or internal network name. An attacker connected to a host on your network using HTTPS (typically on port 443) could craft a specially formed GET request from the Web server resulting in a 3XX Object Moved error message containing the internal IP address or internal network name of the Web server. A target host using HTTP may also be vulnerable to this issue.

IMPACT:
Successful exploitation of this vulnerability results in the disclosure of your internal IP address or internal network name, which could then be used in further attacks against the target host.

SOLUTION:
There are no patches available at this time. Please contact your vendor for updates.

Workarounds:

For IIS Web Server: Check the Microsoft article on how to set the Hostname instead of internal IP address for IIS.

For Apache Web Server: Modify the Apache configuration file as follows:
- Set "ServerName" to a proper FQDN.
or
- Use module mod_rewrite to modify the 3xx error message returned by the server.

No workaround information is available for other Web servers at this time. Refer to your vendor for an appropriate workaround.
----------------------------------------------------------------------------------------

Haluk.

-----Original Message-----
From: Mark Thomas [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 15, 2008 5:57 PM
To: Tomcat Users List
Subject: Re: Web Server Internal IP Address/Internal Network Name Disclosure Vulnerability

HALUK YUZUCU wrote:
> Hello everyone,
>
> Is there any idea of how to fix,
>
> "Web Server Internal IP Address/Internal Network Name Disclosure
> Vulnerability" in tomcat6.

Could you provide a reference for this please. All a Google search turns up is an issue with IIS, not Tomcat.

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
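
A defender-side check for the behaviour the scanner report above describes, as an added example that is not part of the original thread: it inspects a captured 3xx response and flags a Location header whose host is a private IP address or an unqualified host name. The function name, the sample responses and the single-label heuristic for "internal network name" are assumptions made for this illustration.

```python
import ipaddress
from urllib.parse import urlsplit

def location_leak(raw_response: bytes):
    """Return a reason string if a 3xx response's Location header exposes an
    internal IP address or internal host name, otherwise None."""
    head = raw_response.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    status = lines[0].split(" ", 2)
    # Only redirects (3xx) carry the Location header the report refers to.
    if len(status) < 2 or not status[1].isdigit() or status[1][0] != "3":
        return None
    location = None
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "location":
            location = value.strip()
            break
    if not location:
        return None
    try:
        host = urlsplit(location).hostname
    except ValueError:
        return None          # malformed URL, nothing to classify
    if host is None:
        return None          # relative redirect: no host is disclosed
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal. Assumption: a name without a dot is an
        # internal (unqualified) name rather than a proper FQDN.
        if "." not in host.rstrip("."):
            return f"internal host name: {host}"
        return None
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return f"internal IP address: {host}"
    return None

# Constructed sample responses (not captured from any real server).
LEAK_IP = b"HTTP/1.1 302 Found\r\nLocation: https://10.1.2.3/app/\r\n\r\n"
LEAK_NAME = b"HTTP/1.1 301 Moved Permanently\r\nLocation: http://websrv01/app/\r\n\r\n"
CLEAN = b"HTTP/1.1 302 Found\r\nLocation: https://www.example.com/app/\r\n\r\n"

if __name__ == "__main__":
    for sample in (LEAK_IP, LEAK_NAME, CLEAN):
        print(location_leak(sample))
```

Run it against responses from your own server before and after setting a proper FQDN as described in the report to confirm the redirect no longer discloses the internal address.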
