|
Family: CGI abuses --> Category: infos
ASP source using %2e trick Vulnerability Scan
Vulnerability Scan Summary downloads the source of ASP scripts
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by an information disclosure flaw.
Description :
It is possible to get the source code of a remote ASP script by
appending '%2e' to the end of the request. ASP source code usually
contains sensitive informations such as logins and passwords.
Solution :
Unknown at this time.
Threat Level:
Low / CVSS Base Score : 1
(AV:R/AC:L/Au:R/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|