Vulnerability Assessment & Network Security Forums
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.
Vulnerability Assessment Details
Tries to retrieve ASPX source code using XSP
Detailed Explanation for this Vulnerability Assessment
The remote web server is affected by an information disclosure
The remote host is running Mono XSP, a lightweight web server for
hosting ASP.NET applications.
The version of Mono XSP installed on the remote Windows host fails to
properly validate filename extensions in URLs. A remote attacker may
be able to leverage this issue to disclose the source of scripts
hosted by the affected application using specially-crafted requests
with URL-encoded space characters.
See also :
Upgrade to Mono version 1.2.2 / 18.104.22.168.2 or later.
Network Security Threat Level:
Low / CVSS Base Score : 2.3
Networks Security ID: 21687
Vulnerability Assessment Copyright: This script is Copyright (C) 2006-2007 Tenable Network Security
Warning: mysql_connect(): Too many connections in /home/vscan/public_html/store/select.php on line 4
Warning: mysql_select_db() expects parameter 2 to be resource, boolean given in /home/vscan/public_html/store/select.php on line 5
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/vscan/public_html/store/select.php on line 13
Warning: mysql_connect(): Too many connections in /home/vscan/public_html/comments.php on line 3
Warning: mysql_select_db() expects parameter 2 to be resource, boolean given in /home/vscan/public_html/comments.php on line 4
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/vscan/public_html/comments.php on line 16
No Discussions have been posted on this vulnerability.