| VID | 22257 |
| Severity | 20 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
Microsoft IIS Server is affected by an information disclosure flaw in how ASP scripts handle cookies. Active Server Pages (ASP) is an extension to Microsoft IIS that allows HTML pages to be generated dynamically on the server side. The ASP engine does not properly handle special cookie values when they are retrieved, so an unhandled error is returned to the client. This behavior can be used maliciously to gather sensitive information from web applications. Specifically, when a request carries a cookie containing the '=' character and the requested ASP page actually processes that cookie, the IIS server either responds with an error or discloses information about the .inc file used. A remote attacker could use this to determine the name of the include file and to map which applications process cookies.
* References:
  * http://www.securityfocus.com/archive/1/362374
  * http://support.microsoft.com/?id=834452
* Platforms Affected: Microsoft IIS Server (any version), Microsoft Windows (any version) |
| Recommendation |
Configure the affected IIS server to return custom error pages that do not reveal details about the script that caused the error. Information on creating custom error pages is available in the 'References' section of '834452 - Best practices with custom error pages' at http://support.microsoft.com/?id=834452 |
| Related URL | (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |