Nessus Plugin #10491
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
ASP/ASA source using Microsoft Translate f: bug
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2000 Alexander Strouk
- Summary:
- downloads the source of IIS scripts such as ASA,ASP
- Version:
- $Revision: 1.15 $
- Cve_id:
- CVE-2000-0778
- Bugtraq_id:
- 1578
- Xrefs:
- -
- Description:
There is a serious vulnerability in Windows 2000 (unpatched by SP1) that
allows an attacker to view ASP/ASA source code instead of a processed file.
ASP source code can contain sensitive information such as username's and
passwords for ODBC connections.
Solution : install all the latest Microsoft Security Patches (Note: This
vulnerability is eliminated by installing Windows 2000 Service Pack 1)
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.