|
Family: CGI abuses --> Category: infos
ASP/ASA source using Microsoft Translate f: bug (IIS 5.1) Vulnerability Scan
Vulnerability Scan Summary downloads the source of IIS scripts such as ASA,ASP
Detailed Explanation for this Vulnerability Test
There is a serious vulnerability in IIS 5.1 that allows a possible hacker to
view ASP/ASA source code instead of a processed file, when the files are
stored on a FAT partition.
ASP source code can contain sensitive information such as username's and
passwords for ODBC connections.
See also : http://ingehenriksen.blogspot.com/2005/09/iis-51-allows-for-remote-viewing-of.html
Solution : Install the remote web server on a NTFS partition
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|