Signature Detail

Short Name	HTTP:IIS:DATA-DISCLOSURE
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	IIS ASP ::$Data Source Code Disclosure
Release Date	2003/04/22
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: IIS ASP ::$Data Source Code Disclosure

This signature detects attempts to exploit a known source code vulnerability in Active Server Pages served by Microsoft's Internet Information Server. In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.

Extended Description

Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA to an asp being requested, the ASP source will be returned, instead of executing the ASP. For example: http://xyz/myasp.asp::$DATA will return the source of myasp.asp, instead of executing it.

Affected Products

Microsoft IIS 3.0
Microsoft IIS 4.0
Microsoft Personal Web Server 2.0
Microsoft Personal Web Server 3.0
Microsoft Personal Web Server 4.0
Microsoft Windows NT 4.0

References

BugTraq: 0149
CVE: CVE-1999-0278
URL: http://www.microsoft.com/technet/security/bulletin/ms98-003.mspx
URL: http://www.ciac.org/ciac/bulletins/i-068.shtml

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: IIS ASP ::$Data Source Code Disclosure

Extended Description

Affected Products

References