(C) 2003-2017 [email protected]
The remote web server is affected by an information disclosure flaw.
It is possible to get the source code of the remote ASP scripts which
are hosted on a mapped network share by appending '%5c' to the end of
the request. ASP source code usually contains sensitive information
such as logins and passwords.
See also :
Microsoft has released a set of patches for IIS 4.0 and 5.0.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2