CVE-2006-1391

The (a) Quick ‘n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL.

Date published : 2006-03-24

http://www.securityfocus.com/bid/17222

http://www.securityfocus.com/archive/1/428667/100/0/threaded