📄 asp_source_space.nasl

📁 漏洞扫描源码,可以扫描linux,windows,交换机路由器

💻 NASL

字号:

## Michel Arboi <arboi@alussinan.org> hacked asp_source_data.nasl which# was written by Renaud Deraison <deraison@cvs.nessus.org>## GPL## Script audit and contributions from Carmichael Security <http://www.carmichaelsecurity.com>#      Erik Anderson <eanders@carmichaelsecurity.com>#      Added BugtraqID and CAN## References:# Date:  Fri, 29 Jun 2001 13:01:21 -0700 (PDT)# From: "Extirpater" <extirpater@yahoo.com># Subject: 4 New vulns. vWebServer and SmallHTTP# To: bugtraq@securityfocus.com, vuln-dev@securityfocus.com#if(description){ script_id(11071); script_bugtraq_id(2975); script_version ("$Revision: 38 $"); script_cve_id("CVE-2001-1248"); name["english"] = "ASP source using %20 trick"; name["francais"] = "Sources des fichiers ASP en ajoutant %20"; script_name(english:name["english"], francais:name["francais"]);  desc["english"] = "It is possible to get the source code of the remoteASP scripts by appending %20 at the endof the request (like GET /default.asp%20)ASP source code usually contains sensitive information suchas logins and passwords.Solution :  install all the latest security patches	Risk factor : High";	 desc["francais"] = "Il est possible d'obtenir le code source des fichiersASP distants en ajoutant %20 apr鑣 le nom du fichier(comme par exemple GET /default.asp%20)Les codes sources ASP contiennent souvent des informationssensibles telles que des logins et des mots de passe.Solution : installez tous les derniers patch de s閏urit

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -