Family: Web Servers --> Category: infos
Microsoft IIS Cookie information disclosure Vulnerability Scan
Vulnerability Scan Summary
Microsoft IIS Cookie information disclosure
Detailed Explanation for this Vulnerability Test
The remote host is running Microsoft IIS with what appears to be
a vulnerable disclosure of cookie usage. That is, when sent a
Cookie with the '=' character, Microsoft IIS will either respond
with an error (if actually processing the cookie via a specific
asp page) or disclose information of the .inc file used. This can
be used to map applications which are processing cookies.
Solution : change default error pages
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.