### [CVE-2000-0649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0649)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0xNVAN/win-iisadmin
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/Downgraderz/PoC-CVE-2000-0649
- https://github.com/JimboJimbabwe/HackGPTV2
- https://github.com/amtzespinosa/lord-of-the-root-walkthrough
- https://github.com/hanmin0512/Web-hacking-LAB
- https://github.com/kaif9711/Comprehensive-Penetration-Testing-on-Publisher-Linux-System-
- https://github.com/n-ventory/win-iisadmin
- https://github.com/rafaelh/CVE-2000-0649
- https://github.com/stevenvegar/cve-2000-0649