漏洞类别:CGI漏洞等级: 
漏洞信息
Sun Chili!Soft ASP (CASP) is a cross-platform Active Server Pages implementation for Linux and other platforms, including Lotus Domino, Apache, HP-UX, and AIX.
The default installation of Chili!Soft ASP includes sample scripts which are vulnerable to directory traversal attacks. The vulnerability only allows the attacker to ascend one level in the Web's directory tree. However, in typical CASP configurations, this is the /opt/casp directory, which holds files containing highly sensitive information, such as database usernames and passwords, server logs, and the username and password for CASP's admin console.
漏洞危害
If successfully exploited, a malicious user can gain access to files with highly sensitive information, which could be used to further compromise security on the vulnerable host.
解决方案
For the latest information, visit the Sun Chili!Soft Web site.
0day
文章评论