Test ID:	1.3.6.1.4.1.25623.1.0.11746
Category:	Web application abuses
Title:	AspUpload vulnerability
Summary:	At least one example script distributed with AspUpload appears to be; installed on the remote web server.
Description:	Summary: At least one example script distributed with AspUpload appears to be installed on the remote web server. Vulnerability Impact: AspUpload is an ASP script that supports saving and processing files uploading through other web scripts, and the example script likely contains a flaw that allows an attacker to upload arbitrary files and store them anywhere on the affected drive. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0938 BugTraq ID: 3608 http://www.securityfocus.com/bid/3608 Bugtraq: 20011130 Aspupload installs exploitable scripts (Google Search) http://marc.info/?l=bugtraq&m=100715294425985&w=2 http://www.iss.net/security_center/static/7629.php http://www.iss.net/security_center/static/7628.php
Copyright	Copyright (C) 2003 John Lampe

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.