ASP Source Code Disclosure in Quick 'n Easy Web Server and Baby ASP Web Server
CVE-2006-1391

Currently unrated

Key Information:

Vendor: Pablo Software Solutions
Status: Quick And Easy Web Server; Baby Asp Web Server
Vendor: CVE Published:; 25 March 2006

🔔 Create Pablo Software Solutions Vulnerability Alert

What is CVE-2006-1391?

The Quick 'n Easy Web Server prior to version 3.1.1 and Baby ASP Web Server version 2.7.2 are vulnerable to an attack that allows remote attackers to retrieve the source code of ASP files. This exploitation can be performed by appending certain characters, specifically dots or spaces, in the URL of the request. As a result, this vulnerability could potentially expose sensitive information and application logic, leading to further attacks on the web application.

References

http://www.securityfocus.com/bid/17222

vdb-entryx_refsource_BID

http://secunia.com/advisories/19312

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/428667/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2006
Vulnerability Reserved
Mar 24, 2006