Microsoft IIS 5.0 - Failure To Log Undocumented TRACK Requests

EDB-ID:

23490




Platform:

Windows

Date:

2003-12-29


source: https://www.securityfocus.com/bid/9313/info

A vulnerability has been reported to affect Microsoft IIS. It has been reported that IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this condition in order to enumerate server banners. 

TRACK / HTTP/1.0 [\r\r]