Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1391

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1391
Last Modified 07 Mar 2011 09:32:58
Published 24 Mar 2006 07:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1391

Summary

The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL.

Vulnerable Systems

Application

  • Pablo Software Solutions Baby Asp Web Server 2.7.2

  • Pablo Software Solutions Quick And Easy Web Server 3.0.6

  • Pablo Software Solutions Quick And Easy Web Server 3.1.0


References

BID - 17222

BUGTRAQ - 20060324 Secunia Research: Quick 'n Easy/Baby Web Server ASP CodeDisclosure Vulnerability

OSVDB - 24100

MISC - http://secunia.com/secunia_research/2006-19/advisory/

SECUNIA - 19306

VUPEN - ADV-2006-1088

VUPEN - ADV-2006-1085

SECUNIA - 19312

XF - quickneasy-web-asp-disclosure(25418)

XF - baby-web-asp-disclosure(25417)

OSVDB - 24099

SREASON - 624


Last Updated: 27 May 2016 10:42:02