CVE-2005-2678
Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.
Learn more about our Cis Benchmark Audit For Microsoft Iis.
Learn more about our Cis Benchmark Audit For Microsoft Iis.