2 matches found
Microsoft IIS ASP::$DATA ASP Source Disclosure
It is possible to get the source code of a remote ASP script by appending '::$DATA' to the end of the request. ASP source code may contain sensitive information such as logins, passwords and server information. %NASLMINLEVEL 70300 This script was written by Renaud Deraison See the Nessus Scripts...
CVE-1999-0278
Microsoft IIS ASP::$DATA ASP Source Disclosure: remote attackers can obtain ASP source by appending '::$DATA' to the URL. Affected: IIS hosting ASP scripts. Root cause: information disclosure via URL handling in IIS. Exploitation details: not provided in the supplied documents. Remediation: no pa...