01642 06 11 11 Arrange Call

ServerMask 2.2 and earlier reveals IIS server identity in HTTP responses

CVE-2003-0105 · MEDIUM

CVE-2003-0105

ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.

Learn more about our Cis Benchmark Audit For Microsoft Iis.