Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.10491 |
Categoría: | Web application abuses |
Título: | ASP/ASA source using Microsoft Translate f: bug |
Resumen: | There is a serious vulnerability in Windows 2000 (unpatched by SP1) that; allows an attacker to view ASP/ASA source code instead of a processed file.;; ASP source code can contain sensitive information such as username's and; passwords for ODBC connections. |
Descripción: | Summary: There is a serious vulnerability in Windows 2000 (unpatched by SP1) that allows an attacker to view ASP/ASA source code instead of a processed file. ASP source code can contain sensitive information such as username's and passwords for ODBC connections. Solution: Install all the latest Microsoft Security Patches (Note: This vulnerability is eliminated by installing Windows 2000 Service Pack 1) CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
Referencia Cruzada: |
BugTraq ID: 1578 Common Vulnerability Exposure (CVE) ID: CVE-2000-0778 http://www.securityfocus.com/bid/1578 Bugtraq: 20000815 Translate:f summary, history and thoughts (Google Search) http://www.securityfocus.com/templates/archive.pike?list=1&msg=080D5336D882D211B56B0060080F2CD696A7C9@beta.mia.cz Microsoft Security Bulletin: MS00-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-058 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=ntbugtraq&F=&S=&P=5212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A927 |
Copyright | Copyright (C) 2000 Alexander Strouk |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |