EUVD-1999-0253

Malware in sbrugna...

CVE-2011-4766

The Site Editor aka SiteBuilder feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment...

Q-Shop 3.0 Remote XSS/SQL Injection Vulnerabilities

No description provided by source. 000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 ...

With ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net

In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad daylight easy to be found,open your own ftp and not assured. Your own online in a circle is found by combining the non-component upload asp Trojan can be easily achieve...

CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode...

CVE-1999-0154

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . dot to the end of the URL...

Microsoft IIS Translate f: ASP/ASA Source Disclosure

There is a serious vulnerability in Windows 2000 unpatched by SP1 that allows an attacker to view ASP/ASA source code instead of a processed file. SP source code can contain sensitive information such as usernames and passwords for ODBC connections. %NASLMINLEVEL 70300 This script was written by...

Заткнута дырка в IIS (Specialized Header)

При определенном HTTP-заголовке запроса можно было получить исходные тексты ASP-приложения...

CVE-2000-0246

The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...

Microsoft IIS/PWS %2e Request ASP Source Disclosure

It is possible to get the source code of a remote ASP script by appending '%2e' to the end of the request. ASP source code usually contains sensitive information such as logins and passwords. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10363; scriptversion "1.35";...

Microsoft IIS WebHits null.htw .asp Source Disclosure

It is possible to get the source code of ASP scripts by issuing a specially crafted request. ASP source codes usually contain sensitive information such as usernames and passwords. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10356; scriptversion"1.44";...

Security Bulletin (MS00-019)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-019 - -------------------------------------- Patch...

CVE-2000-0025

IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability...

CVE-1999-0253

Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...

ms.iis4.showcode.txt

L0pht Security Advisory ------------- URL Origin: http://www.l0pht.com/advisories.html Release Date: May 7th, 1999 Application: Microsoft IIS 4.0 Web Server Severity: Web users can view ASP source code and other sensitive files on the web server Author: [email protected] Operating Sys: Microsoft NT...

Microsoft IIS 3.0/4.0 - Using ASP and FSO To Read Server Files

source: https://www.securityfocus.com/bid/230/info The File System Object FSO may be called from an Active Server Page ASP to display files that exist outside of the web server's root directory. FSO allows calls to be made utilizing "../" to exit the local directory path. An example of this synta...

CVE-1999-0278

In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL...

Microsoft IIS 3.04.0 Microsoft Personal Web Server 2.03.04.0 - ASP Alternate Data Streams

Microsoft IIS 3.04.0 Microsoft Personal Web Server 2.03.04.0 - ASP Alternate Data Streams source: https://www.securityfocus.com/bid/149/info Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA t...

Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams

source: https://www.securityfocus.com/bid/149/info Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA to an asp being requested, the ASP source will be returned, instead of executing the ASP. F...