• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

VWebServer ASP Source Code Disclosure Vulnerability

vWebServer is a freeware Active Web Pages webserver.

If a remote user appends a unicode-format space character to a URL requesting an ASP script, the source code of that script will be displayed, rather than executed.

Depending on the contents of the requested script, this information may assist in the exploitation of other vulnerabilities.