← CVECheck
HomeVulnerabilities

CVE-2003-0105 — MEDIUM severity vulnerability (ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2))

ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.

CVE IDCVE-2003-0105
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2004-09-28
Last modified2026-04-16
DescriptionServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →