Family: CGI abuses --> Category: attack
IIS ASP.NET Application Trace Enabled Vulnerability Scan
Vulnerability Scan Summary
Checks for ASP.NET application tracing
Detailed Explanation for this Vulnerability Test
The ASP.NET web application running in the root
directory of this web server has application
tracing enabled. This would allow a possible hacker to
view the last 50 web requests made to this server,
including sensitive information like Session ID values
and the physical path to the requested file.
Solution: Set in web.config
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.