virus logo Intrusion Prevention

HTTP.Server.Localhost.Request.Source.Code.Disclosure

description-logoDescription

It indicates a possible exploit of a source code disclosure vulnerability in Microsoft IIS.
Microsoft IIS has a vulnerability when the 500-100.asp script determines the SERVER_NAME variable. A remote attacker could send a specially-crafted HTTP request to spoof the SERVER_NAME variable and obtain sensitive information, such as parts of the ASP source code or possibly bypass the security restrictions conducted by the Web application that is based on the SERVER_NAME variable.

affected-products-logoAffected Products

Microsoft Corporation: Microsoft IIS 5.0
Microsoft Corporation: Microsoft IIS 5.1
Microsoft Corporation: Microsoft IIS 6.0
Microsoft Corporation: Windows 2000 Server SP 4
Microsoft Corporation: Windows 2003 Server SP1
Microsoft Corporation: Windows XP Professional SP2

Impact logoImpact

Stealing cookies, re-directing data or possibly modifying various URLs

recomended-action-logoRecommended Actions

See Microsoft Support Knowledge Base Article ID 906910: "The custom error page 500-100.asp may return sensitive information in Internet Information Services 5.0 and in Internet Information Services 5.1" at http://support.microsoft.com/default.aspx?scid=kb;en-us;906910.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-01-17 15.760 Sig Added
ID 13361
Created Oct 18, 2006
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2005-2678
Exploit Prediction Score 16.12%
Default Action drop
Active
Affected OS Windows
Affected App IIS