Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

More potential ASP problems
From: f.c.w.donck () SIEP SHELL COM (Fred Donck)
Date: Fri, 3 Jul 1998 14:04:09 +0200

All,

Apart from the reported ASP problems on both bugtraq and ntbugtraq one of my
colleques pointed me to some more exploit which may be just as bad. I
haven't seen any mention of it yet to both the lists

Apart from the http://www.domain.com/xxxx.asp::$DATA in ASP applications
there may also a http://www.domain.com/global.asa which may contain session
variables and user-id/password combinations for entering databases and the
like.

If not patched this is also subject to the vulnerabilities.

my $0.02,
Fred
--
-------------------- My opinions are my own ----------------------------
 Fred Donck                  | E-mail: f.c.w.donck () siep shell com (work)
 Technical Consultant        |         fred () donck com,
 Voice/Fax : +31-70-3112374  |         fred () realit com     (private)
--- Idle cycles are a waste !! Check http://www.distributed.net/rc5 ----

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]