Microsoft ASP.NET Malformed File Request Path Disclosure

medium Nessus Plugin ID 10843

Synopsis

The remote web server is using a web application framework that is affected by an information disclosure vulnerability.

Description

ASP.NET is vulnerable to a path disclosure attack. This allows an attacker to determine where the remote web root is physically stored in the remote file system, hence gaining more information about the remote system.

Solution

There is no known solution at this time.

Plugin Details

Severity: Medium

ID: 10843

File Name: asp_net_path_disclosure.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 2/5/2002

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Detections

Analytics