CVE-2003-0105 — MEDIUM severity vulnerability (ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2))
ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.
| CVE ID | CVE-2003-0105 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2004-09-28 |
| Last modified | 2026-04-16 |
| Description | ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →