HTTP: IIS ASP ::$Data Source Code Disclosure
This signature detects attempts to exploit a known source code vulnerability in Active Server Pages served by Microsoft's Internet Information Server. In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
Extended Description
Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA to an asp being requested, the ASP source will be returned, instead of executing the ASP. For example: http://xyz/myasp.asp::$DATA will return the source of myasp.asp, instead of executing it.
Affected Products
Microsoft personal_web_server
References
BugTraq: 0149
CVE: CVE-1999-0278
URL: http://www.microsoft.com/technet/security/bulletin/ms98-003.mspx http://www.ciac.org/ciac/bulletins/i-068.shtml
Short Name
HTTP:IIS:DATA-DISCLOSURE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
::$Data ASP CVE-1999-0278 Code Disclosure IIS Source bid:0149
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0