SCAN: Nessus Global-asa Probe
This signature detects requests for the Microsoft IIS Global.asa that can be used to launch attacks against a site.
Extended Description
Microsoft IIS 5.0 has a dedicated scripting engine for advanced file types such as ASP, ASA, HTR, etc. files. The scripting engines handle requests for these file types, processes them accordingly, and then executes them on the server. It is possible to force the server to send back the source of known scriptable files to the client if the HTTP GET request contains a specialized header with 'Translate: f' at the end of it, and if a trailing slash '/' is appended to the end of the URL. The scripting engine will be able to locate the requested file, however, it will not recognize it as a file that needs to be processed and will proceed to send the file source to the client.
Affected Products
Microsoft iis
Short Name
SCAN:NESSUS:GLOBAL-ASA
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
CVE-2000-0778 Global-asa Nessus Probe bid:1578
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Rarely
Vendors
Microsoft
CVSS Score
5.0