VID 22101
Severity 20
Port 80, ...
Protocol TCP
Class WWW
Detailed Description The ASP.NET web application running in this web server has application tracing enabled.
The "application trace" option is useful for collecting information about HTTP requests for an entire application while you are debugging your ASP.NET system. Tracing is enabled for the application when the "trace enabled=" attribute in the tracing configuration section of the web.config file within the application's root directory is set to TRUE.
This information is not displayed in a browser unless you so specify, but it can be displayed in a Web-based trace viewer application. The trace.axd file, which is associated with the trace viewer application, is generated in your application's root directory automatically when you enable tracing for an application. For example, if the URL to your application is http://localhost/myapplication, navigate to http://localhost/myapplication/trace.axd to view the trace statistics for that application.
However, many ASP.NET developers forget to disable this parameter, leaving their server open to exposure of sensitive information. This would allow an attacker to view the last 50 web requests made to this server, including sensitive information such as Session ID values and the physical path to the requested file.

* References:
http://www.securiteam.com/windowsntfocus/5FP0L0K6AY.html
http://cgi.nessus.org/plugins/dump.php3?id=10993
Recommendation Set "trace enabled=" in web.config file within the application's root directory to FALSE.
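As an added example (not part of this entry), the following Python audit reads a web.config and reports whether the tracing section leaves trace.axd serving request history; the two web.config samples are constructed, the weak one matching the setting described above and the fixed one matching the recommendation. It also checks the real `localOnly` attribute of `<trace>`, which this entry does not mention.

```python
import xml.etree.ElementTree as ET

# Constructed sample web.config with the weak setting this entry describes.
WEAK_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.web>
    <trace enabled="true" requestLimit="50" pageOutput="false" localOnly="false" />
  </system.web>
</configuration>
"""

# Constructed sample web.config after applying the recommendation.
FIXED_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.web>
    <trace enabled="false" />
  </system.web>
</configuration>
"""


def _as_bool(value, default):
    """Parse an ASP.NET boolean attribute; missing attribute -> default."""
    if value is None:
        return default
    return value.strip().lower() == "true"


def audit_trace(web_config_xml):
    """Return a list of findings for the <system.web><trace> element.

    An empty list means application tracing is off (or the element is
    absent, which is the ASP.NET default), so /trace.axd will not serve
    the request history described in this entry.
    """
    root = ET.fromstring(web_config_xml)
    trace = root.find("./system.web/trace")
    if trace is None:
        return []
    findings = []
    if _as_bool(trace.get("enabled"), False):
        findings.append('trace enabled="true": /trace.axd serves request history')
        # localOnly is a real <trace> attribute (not mentioned in this entry);
        # when false, trace.axd answers remote clients, not only localhost.
        if not _as_bool(trace.get("localOnly"), True):
            findings.append('trace localOnly="false": trace.axd reachable remotely')
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_WEB_CONFIG), ("fixed", FIXED_WEB_CONFIG)):
        print(name, audit_trace(cfg) or ["OK: tracing disabled"])
```

Point `audit_trace` at the contents of a real web.config to verify the fix before and after editing the file.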