Vulnerability Name: CVE-2003-1567 (CCN-14077)
Assigned: 2003-12-28
Published: 2003-12-28
Updated: 2009-01-16
Summary: The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism, by using TRACK to read the contents of the HTTP headers that are returned in the response, a technique that is similar to cross-site tracing (XST) using HTTP TRACE.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v2 Severity: 5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
Vulnerability Type: CWE-200
Vulnerability Consequences: Obtain Information
References:
Source: NTBUGTRAQ Type: Exploit 20031227 AQ-2003-02: Microsoft IIS Logging Failure
Source: MITRE Type: CNA CVE-2003-1566
Source: MITRE Type: CNA CVE-2003-1567
Source: CCN Type: Cisco Security Notice Cisco Enterprise Content Delivery System Manager HTTP TRACK Vulnerability
Source: CCN Type: AQTRONIX Security Advisory AQ-2003-02 Microsoft IIS Logging Failure
Source: MISC Type: Exploit http://www.aqtronix.com/Advisories/AQ-2003-02.txt
Source: CCN Type: US-CERT VU#288308 Microsoft Internet Information Server (IIS) vulnerable to cross-site scripting via HTTP TRACK method
Source: CERT-VN Type: US Government Resource VU#288308
Source: OSVDB Type: Exploit 5648
Source: CCN Type: OSVDB ID: 4864 Microsoft IIS TRACK Logging Failure
Source: CCN Type: OSVDB ID: 5648 Multiple Web Server Dangerous HTTP Method TRACK
Source: CCN Type: BID-33374 Microsoft IIS HTTP TRACK Method Information Disclosure Vulnerability
Source: CCN Type: BID-9313 Microsoft IIS Failure To Log Undocumented TRACK Requests Vulnerability
Source: XF Type: UNKNOWN iis-improper-httptrack-logging(14077)
Vulnerable Configuration: Configuration 1: Configuration CCN 1: