Microsoft Site Server viewcode.asp Information Disclosure

2002-01-30T00:00:00
ID OSVDB:17671
Type osvdb
Reporter RFP(rfp@wiretrip.net)
Modified 2002-01-30T00:00:00

Description

Vulnerability Description

Microsoft Site Server contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when accessing the 'viewcode.asp' script, which will disclose the source code resulting in a loss of confidentiality. While not considered critical, this information can lead to more focused and precise attacks.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Microsoft Site Server contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when accessing the 'viewcode.asp' script, which will disclose the source code resulting in a loss of confidentiality. While not considered critical, this information can lead to more focused and precise attacks.

References:

Vendor URL: http://www.microsoft.com/ Snort Signature ID: 1817 Snort Signature ID: 1818 Security Tracker: 1003420 Related OSVDB ID: 17655 Related OSVDB ID: 17658 Related OSVDB ID: 17661 Related OSVDB ID: 17663 Related OSVDB ID: 17664 Related OSVDB ID: 17666 Related OSVDB ID: 17668 Related OSVDB ID: 17656 Related OSVDB ID: 17660 Related OSVDB ID: 17667 Related OSVDB ID: 17669 Related OSVDB ID: 831 Related OSVDB ID: 17652 Related OSVDB ID: 17654 Related OSVDB ID: 17657 Related OSVDB ID: 17670 Related OSVDB ID: 17653 Related OSVDB ID: 17659 Related OSVDB ID: 17662 Related OSVDB ID: 17665 Related OSVDB ID: 17671 Nessus Plugin ID:11018 Microsoft Knowledge Base Article: 248840 Mail List Post: http://marc.theaimsgroup.com/?l=vulnwatch&m=101235440104716&w=2