SuSE Update for mono-web SUSE-SA:2007:002

Impact
remote source code disclosure
Solution
Please Install the Updated Packages.
Insight
A security problem was found and fixed in the Mono / C# web server implementation. By appending spaces to URLs attackers could download the source code of ASP.net scripts that would normally get executed by the web server. This issue is tracked by the Mitre CVE ID CVE-2006-6104 and only affects SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise 10. Older products are not affected. The updated packages for this problem were released on December 29th 2006.
Affected
mono-web on openSUSE 10.2, SUSE LINUX 10.1, SUSE SLED 10, SUSE SLES 10
References