MS06-033: Vulnerabilities in ASP.NET could allow information disclosure (917283)
Medium Nessus Plugin ID 22027
SynopsisAn attacker may bypass ASP.NET security to gain unauthorized access to objects in the remote application folder.
DescriptionThe remote host is running a version of the ASP.NET framework that contains a flaw that could allow an attacker to bypass the security of an ASP.NET website by accessing protected objects by their explicit names.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.