Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

ASP/ASA source using Microsoft Translate f: bug (IIS 5.1) Vulnerability Scan


Vulnerability Scan Summary
downloads the source of IIS scripts such as ASA,ASP

Detailed Explanation for this Vulnerability Test

There is a serious vulnerability in IIS 5.1 that allows a possible hacker to
view ASP/ASA source code instead of a processed file, when the files are
stored on a FAT partition.

ASP source code can contain sensitive information such as username's and
passwords for ODBC connections.

See also : http://ingehenriksen.blogspot.com/2005/09/iis-51-allows-for-remote-viewing-of.html
Solution : Install the remote web server on a NTFS partition
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.