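Microsoft's IIS 5.0 web server ships with a set of sample
files that demonstrate different features of the ASP language.
One of these sample files, CodeBrws.asp (installed under the
/IISSamples virtual directory and tracked as CVE-1999-0739),
allows a remote user to view the source of any file in the
web root with the extension .asp, .inc, .htm, or .html.
Server-side source is not meant to be served to clients, so
the sample should not be left on a production server: the
plugin's stated fix is to remove the /IISSamples virtual
directory or, failing that, the CodeBrws.asp script itself.
The CVE entry reproduced below also names Site Server and
lists IIS 4.0 in its CPE data.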
{"id": "OPENVAS:10956", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Codebrws.asp Source Disclosure Vulnerability", "description": "Microsoft's IIS 5.0 web server is shipped with a set of\nsample files to demonstrate different features of the ASP\nlanguage. One of these sample files allows a remote user to\nview the source of any file in the web root with the extension\n.asp, .inc, .htm, or .html.", "published": "2005-11-03T00:00:00", "modified": "2017-12-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=10956", "reporter": "This script is Copyright (C) 2002 Matt Moore / HD Moore", "references": [], "cvelist": ["CVE-1999-0739"], "immutableFields": [], "lastseen": "2017-12-08T11:44:03", "viewCount": 10, "enchantments": {"score": {"value": -0.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-1999-0739"]}, {"type": "nessus", "idList": ["IIS_CODEBRWS.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231010956"]}]}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-1999-0739"]}, {"type": "nessus", "idList": ["WEBMIRROR.NASL"]}]}, "exploitation": null, "epss": [{"cve": "CVE-1999-0739", "epss": "0.015250000", "percentile": "0.849960000", "modified": "2023-03-15"}], "vulnersScore": -0.0}, "_state": {"dependencies": 1678912935, "score": 1678910287, "epss": 1678926051}, "_internal": {"score_hash": "bc3aa92fd927d704f08d02f264f8f568"}, "pluginID": "10956", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: iis_codebrws.nasl 8023 2017-12-07 08:36:26Z teissa $\n# Description: Codebrws.asp Source Disclosure Vulnerability\n#\n# Authors:\n# Matt Moore <matt@westpoint.ltd.uk>\n# Majority of code from plugin fragment and advisory by H D Moore <hdm@digitaloffense.net>\n#\n# Copyright:\n# Copyright (C) 2002 Matt Moore / HD Moore\n#\n# This program is free software; you 
can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_summary = \"Microsoft's IIS 5.0 web server is shipped with a set of\nsample files to demonstrate different features of the ASP\nlanguage. One of these sample files allows a remote user to\nview the source of any file in the web root with the extension\n.asp, .inc, .htm, or .html.\";\n\ntag_solution = \"Remove the /IISSamples virtual directory using the Internet Services Manager. \nIf for some reason this is not possible, removing the following ASP script will\nfix the problem:\n\nThis path assumes that you installed IIS in c:\\inetpub\n \nc:\\inetpub\\iissamples\\sdk\\asp\\docs\\CodeBrws.asp\";\n\n\nif(description)\n{\n script_id(10956);\n script_version(\"$Revision: 8023 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_cve_id(\"CVE-1999-0739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n name = \"Codebrws.asp Source Disclosure Vulnerability\";\n script_name(name);\n \n\n \n \n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_active\");\n \n script_copyright(\"This script is Copyright (C) 2002 Matt Moore / HD Moore\");\n family = \"Web Servers\";\n script_family(family);\n 
script_dependencies(\"find_service.nasl\", \"no404.nasl\", \"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n# Check simpy tests for presence of Codebrws.asp. Could be improved\n# to use the output of webmirror.nasl, and actually exploit the vulnerability.\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port(default:80);\nif ( ! can_host_asp(port:port) ) exit(0);\n\n\nreq = http_get(item:\"/iissamples/sdk/asp/docs/codebrws.asp\", port:port);\nres = http_keepalive_send_recv(data:req, port:port);\nif (\"View Active Server Page Source\" >< res)\n{\n security_message(port);\n}\n", "naslFamily": "Web Servers"}
{"openvas": [{"lastseen": "2020-05-15T15:06:57", "description": "Microsoft", "cvss3": {}, "published": "2005-11-03T00:00:00", "type": "openvas", "title": "Codebrws.asp Source Disclosure Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-1999-0739"], "modified": "2020-05-12T00:00:00", "id": "OPENVAS:136141256231010956", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231010956", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Codebrws.asp Source Disclosure Vulnerability\n#\n# Authors:\n# Matt Moore <matt@westpoint.ltd.uk>\n# Majority of code from plugin fragment and advisory by H D Moore <hdm@digitaloffense.net>\n#\n# Copyright:\n# Copyright (C) 2002 Matt Moore / HD Moore\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.10956\");\n script_version(\"2020-05-12T10:26:19+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-12 10:26:19 +0000 (Tue, 12 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_cve_id(\"CVE-1999-0739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Codebrws.asp Source Disclosure Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2002 Matt Moore / HD Moore\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_get_http_banner.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IIS/banner\");\n\n script_tag(name:\"solution\", value:\"Remove the /IISSamples virtual directory using the Internet Services Manager.\n\n If for some reason this is not possible, removing the following ASP script will fix the problem:\n\n This path assumes that you installed IIS in c:\\inetpub\n\n c:\\inetpub\\iissamples\\sdk\\asp\\docs\\CodeBrws.asp\");\n\n script_tag(name:\"summary\", value:\"Microsoft's IIS 5.0 web server is shipped with a set of\n sample files to demonstrate different features of the ASP language. 
One of these sample\n files allows a remote user to view the source of any file in the web root with the extension\n .asp, .inc, .htm, or .html.\");\n\n script_tag(name:\"qod_type\", value:\"remote_active\");\n script_tag(name:\"solution_type\", value:\"Mitigation\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = http_get_port(default:80);\nsig = http_get_remote_headers(port:port);\nif(!sig || \"IIS\" >!< sig)\n exit(0);\n\nif(!http_can_host_asp(port:port))\n exit(0);\n\nurl = \"/iissamples/sdk/asp/docs/codebrws.asp\";\nreq = http_get(item:url, port:port);\nres = http_keepalive_send_recv(data:req, port:port);\nif(!res)\n exit(0);\n\nif(\"View Active Server Page Source\" >< res) {\n report = http_report_vuln_url(port:port, url:url);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-02-09T13:59:10", "description": "The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.", "cvss3": {}, "published": "1999-05-07T04:00:00", "type": "cve", "title": "CVE-1999-0739", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-1999-0739"], "modified": "2018-10-12T21:29:00", "cpe": ["cpe:/a:microsoft:internet_information_server:4.0"], "id": "CVE-1999-0739", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0739", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, 
"cpe23": ["cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2023-01-11T14:13:31", "description": "Microsoft's IIS 5.0 web server is shipped with a set of sample files to demonstrate different features of the ASP language. One of these sample files allows a remote user to view the source of any file in the web root with the extension .asp, .inc, .htm, or .html.", "cvss3": {}, "published": "2002-05-22T00:00:00", "type": "nessus", "title": "Microsoft IIS / Site Server codebrws.asp Arbitrary Source Disclosure", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-1999-0739"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:microsoft:iis"], "id": "IIS_CODEBRWS.NASL", "href": "https://www.tenable.com/plugins/nessus/10956", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# This script was written by Matt Moore <matt@westpoint.ltd.uk>\n# Majority of code from plugin fragment and advisory by H D Moore <hdm@digitaloffense.net>\n#\n# no relation :-)\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(10956);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-1999-0739\");\n script_bugtraq_id(167);\n script_xref(name:\"MSFT\", value:\"MS99-013\");\n script_xref(name:\"MSKB\", value:\"231368\");\n script_xref(name:\"MSKB\", value:\"231656\");\n\n script_name(english:\"Microsoft IIS / Site Server codebrws.asp Arbitrary Source 
Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Some files may be read on the remote host.\");\n script_set_attribute(attribute:\"description\", value:\n\"Microsoft's IIS 5.0 web server is shipped with a set of\nsample files to demonstrate different features of the ASP\nlanguage. One of these sample files allows a remote user to\nview the source of any file in the web root with the extension\n.asp, .inc, .htm, or .html.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/1999/ms99-013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the patch referenced above.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"1999/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2002/05/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:iis\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2002-2022 Matt Moore / HD Moore\");\n\n script_dependencies(\"find_service1.nasl\", \"no404.nasl\", \"http_version.nasl\", \"www_fingerprinting_hmap.nasl\");\n script_require_keys(\"www/ASP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n# Check simpy tests for presence of Codebrws.asp. 
Could be improved\n# to use the output of webmirror.nasl, and actually exploit the vulnerability.\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port(default:80, embedded:TRUE);\nif ( ! can_host_asp(port:port) ) exit(0);\n\n\nreq = http_get(item:\"/iissamples/sdk/asp/docs/codebrws.asp\", port:port);\nres = http_keepalive_send_recv(data:req, port:port);\nif (\"View Active Server Page Source\" >< res)\n{\n security_warning(port);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}