{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-08-10T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "servermask-header-obtain-info(16947)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16947"}, {"tags": ["x_refsource_MISC"], "url": "http://www.corsaire.com/advisories/c030224-001.txt"}, {"name": "20040810 Corsaire Security Advisory - Port80 Software ServerMask inconsistencies", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=109215441332682&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0105", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "servermask-header-obtain-info(16947)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16947"}, {"name": "http://www.corsaire.com/advisories/c030224-001.txt", "refsource": "MISC", "url": "http://www.corsaire.com/advisories/c030224-001.txt"}, {"name": "20040810 Corsaire Security Advisory - Port80 Software ServerMask inconsistencies", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109215441332682&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:43:35.309Z"}, "title": "CVE Program Container", "references": [{"name": "servermask-header-obtain-info(16947)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16947"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.corsaire.com/advisories/c030224-001.txt"}, {"name": "20040810 Corsaire Security Advisory - Port80 Software ServerMask inconsistencies", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=109215441332682&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0105", "datePublished": "2004-08-18T04:00:00.000Z", "dateReserved": "2003-02-26T00:00:00.000Z", "dateUpdated": "2024-08-08T01:43:35.309Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:port80_software:servermask:*:*:*:*:*:*:*:*", "matchCriteriaId": "563FA27F-F5EA-475E-B774-98205B0D8397", "versionEndIncluding": "2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server."}, {"lang": "es", "value": "ServerMask 2.2 y anteriores no ofuscan respuestas (1) ETag, (2) Mensaje de Estado HTTP, o (3) Permitir respuestas HTTP, lo que podr\u00eda decir a atacantes remotos que el servidor es IIS."}], "id": "CVE-2003-0105", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-09-28T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=109215441332682&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.corsaire.com/advisories/c030224-001.txt"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=109215441332682&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.corsaire.com/advisories/c030224-001.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16947"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}