Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
High Nessus Plugin ID 10480
SynopsisThe remote web server is affected by an arbitrary file creation vulnerability.
DescriptionThe file /site/eg/source.asp is present on the remote Apache web server.
This file comes with the Apache::ASP package and allows anyone to write to files in the same directory. An attacker may use this flaw to upload his own scripts and execute arbitrary commands on this host.
SolutionUpgrade to Apache::ASP 1.95 or newer.