Vulnerability Description
The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pablo Software Solutions | Baby Asp Web Server | 2.7.2 |
| Pablo Software Solutions | Quick And Easy Web Server | 3.0.6 |
References
- http://secunia.com/advisories/19306PatchVendor Advisory
- http://secunia.com/advisories/19312Vendor Advisory
- http://secunia.com/secunia_research/2006-19/advisory/PatchVendor Advisory
- http://securityreason.com/securityalert/624
- http://www.osvdb.org/24099
- http://www.osvdb.org/24100Patch
- http://www.securityfocus.com/archive/1/428667/100/0/threaded
- http://www.securityfocus.com/bid/17222Patch
- http://www.vupen.com/english/advisories/2006/1085
- http://www.vupen.com/english/advisories/2006/1088
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25417
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25418
- http://secunia.com/advisories/19306PatchVendor Advisory
- http://secunia.com/advisories/19312Vendor Advisory
- http://secunia.com/secunia_research/2006-19/advisory/PatchVendor Advisory
FAQ
What is CVE-2006-1391?
CVE-2006-1391 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension...
How severe is CVE-2006-1391?
CVE-2006-1391 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1391?
Check the references section above for vendor advisories and patch information. Affected products include: Pablo Software Solutions Baby Asp Web Server, Pablo Software Solutions Quick And Easy Web Server.