Bugtraq mailing list archives
More potential ASP problems
From: f.c.w.donck () SIEP SHELL COM (Fred Donck)
Date: Fri, 3 Jul 1998 14:04:09 +0200
All, Apart from the reported ASP problems on both bugtraq and ntbugtraq one of my colleques pointed me to some more exploit which may be just as bad. I haven't seen any mention of it yet to both the lists Apart from the http://www.domain.com/xxxx.asp::$DATA in ASP applications there may also a http://www.domain.com/global.asa which may contain session variables and user-id/password combinations for entering databases and the like. If not patched this is also subject to the vulnerabilities. my $0.02, Fred -- -------------------- My opinions are my own ---------------------------- Fred Donck | E-mail: f.c.w.donck () siep shell com (work) Technical Consultant | fred () donck com, Voice/Fax : +31-70-3112374 | fred () realit com (private) --- Idle cycles are a waste !! Check http://www.distributed.net/rc5 ----
Current thread:
- More potential ASP problems Fred Donck (Jul 03)
- Re: More potential ASP problems Paul Ashton (Jul 06)
- <Possible follow-ups>
- Re: More potential ASP problems Michael Howard (Jul 06)