Summary
The remote web server contains an ASP script that may allow uploading of arbitrary files.
Description :
At least one example script distributed with AspUpload appears to be installed on the remote web server. AspUpload is an ASP script that supports saving and processing files uploading through other web scripts, and the example script likely contains a flaw that allows an attacker to upload arbitrary files and store them anywhere on the affected drive.
Solution
Unknown at this time.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2001-0938 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N
Related Vulnerabilities
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
- Apache Archiva Home Page Cross-Site Scripting vulnerability
- Apache Tomcat Multiple Vulnerabilities June-09