Pablo Software Solutions Baby Web/Quick 'n Easy Web ASP Source Disclosure Vulnerability
BID:17222
Info
Pablo Software Solutions Baby Web/Quick 'n Easy Web ASP Source Disclosure Vulnerability
| Bugtraq ID: | 17222 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 24 2006 12:00AM |
| Updated: | Mar 27 2006 03:19AM |
| Credit: | Tan Chew Keong of Secunia Research is credited with the discovery of this vulnerability. |
| Vulnerable: |
Pablo Software Solutions Quick 'n Easy Web Server 3.0.6 Pablo Software Solutions Quick 'n Easy Web Server 3.1 Pablo Software Solutions Baby ASP Web Server 2.7.2 Pablo Software Solutions Baby ASP Web Server 1.5 |
| Not Vulnerable: |
Pablo Software Solutions Quick 'n Easy Web Server 3.1.1 |
Discussion
Pablo Software Solutions Baby Web/Quick 'n Easy Web ASP Source Disclosure Vulnerability
A problem with Baby Web Server and Quick 'n Easy Web Server results in the disclosure of the source code of Active Server Pages. This allows attackers to gain unauthorized access to sensitive information, potentially aiding them in further attacks.
This issue affects the discontinued Baby Web Server and versions prior to 3.1.1 of its successor Quick 'n Easy Web Server.
A problem with Baby Web Server and Quick 'n Easy Web Server results in the disclosure of the source code of Active Server Pages. This allows attackers to gain unauthorized access to sensitive information, potentially aiding them in further attacks.
This issue affects the discontinued Baby Web Server and versions prior to 3.1.1 of its successor Quick 'n Easy Web Server.
Exploit / POC
Pablo Software Solutions Baby Web/Quick 'n Easy Web ASP Source Disclosure Vulnerability
This issue can be exploited through a web client.
This issue can be exploited through a web client.
Solution / Fix
Pablo Software Solutions Baby Web/Quick 'n Easy Web ASP Source Disclosure Vulnerability
Solution:
The vendor has released Quick 'n Easy Web Server version 3.1.1 to address this issue. Contact the vendor for further information on obtaining the appropriate updates.
Solution:
The vendor has released Quick 'n Easy Web Server version 3.1.1 to address this issue. Contact the vendor for further information on obtaining the appropriate updates.
References
Pablo Software Solutions Baby Web/Quick 'n Easy Web ASP Source Disclosure Vulnerability
References:
References:
- Baby ASP Web Server Homepage (Pablo Software Solutions)
- Quick 'n Easy Web Server Homepage (Pablo Software Solutions)
- Quick 'n Easy/Baby Web Server ASP Code Disclosure Vulnerability (Secunia)
- Secunia Research: Quick 'n Easy/Baby Web Server ASP Code Disclosure Vulnerabilit (Secunia Research)