Forum Discussion

Nimbostratus

Jul 09, 2015

Threat :Microsoft IIS is exposed to an Internal IP Disclosure Vulnerability

Dears ; we have the below threat by PCI on OWA , we are using F5 11.6 + hotfix 4 , please how can F5 help to close this issue : "THREAT: Microsoft IIS is exposed to an Internal IP Disclosur...

Employee

Jul 09, 2015

Maybe the easiest solution is to prevent empty HTTP/1.0 Host headers from getting to IIS:

when HTTP_REQUEST {    
    if { [HTTP::version] eq "1.0" } {        
       if { not ( [HTTP::header exists Host] ) or ( [HTTP::header Host] eq "" ) } {           
            HTTP::header replace Host "somehost"
        }
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Threat :Microsoft IIS is exposed to an Internal IP Disclosure Vulnerability

Recent Discussions

Should config via cli rather than gui?

Management IP F5 cant be accessed

ASD

Big-IP VE edition for MacBook M4 Chip

301 redirect and waf policy log problem

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

Mitigate OWASP LLM Security Risk: Sensitive Information Disclosure Using F5 NGINX App Protect

CVE-2021-26855 (SSRF) HAFNIUM APT Group Exploiting Microsoft Exchange Vulnerabilities

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Microsoft 365 IP Steering python Script

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS