Summary
It is possible to get the source code of the remote ASP scripts by appending %20 at the end
of the request (like GET /default.asp%20)
ASP source code usually contains sensitive information such as logins and passwords.
Solution
install all the latest security patches
Severity
Classification
-
CVE CVE-2001-1248 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- aeNovo Database Content Disclosure Vulnerability
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
- Apache Tomcat RemoteFilterValve Security Bypass Vulnerability