Family: Web Servers --> Category: infos
Microsoft's Index server reveals ASP source code Vulnerability Scan
Vulnerability Scan Summary
Checks for a problem in webhits.dll
Detailed Explanation for this Vulnerability Test
It is possible to get the source code of
ASP scripts by issuing the following request :
ASP source codes usually contain sensitive information such
as usernames and passwords.
Solution : If you need the functionality provided by
WebHits, then install the patch available at :
If you do not need this functionality, then unmap the
.htw extensions from webhits.dll using the Internet
Service Manager MMC snap-in.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.