Web Server Misconfiguration: Unprotected File
Summary
An information disclosure vulnerability was detected on an IIS server: during the assessment, the file global.asa.bak was retrieved directly from the web server. This file is most likely a backup copy of global.asa, a text file of server-side script that defines the application- and session-level variables an ASP application uses throughout a user's web session. global.asa commonly contains a database server name, user name, database password and database name, so a remote attacker who retrieves the backup obtains that sensitive system information. Recommendations include removing the vulnerable file.
Explanation
The impact of an attacker finding a backup file obviously depends on the nature of the file. In this case, the file commonly contains the passwords the application uses to gain access to its database, along with other system-critical information. Inside global.asa you will commonly find the ODBC Data Source Name (DSN) definitions that every ASP page on the site uses. At a minimum, an attacker who finds a backup copy of global.asa has had a major portion of the reconnaissance and research conducted for him.
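The recommendation above is to remove the stray backup, but on a real site the useful follow-up is to find every such copy and to know whether anyone has already requested one. The script below is an added example written for this page, not part of the original finding or of any vendor tool: it walks a web root for backup-style copies of sensitive files (global.asa from the page; web.config and the list of backup suffixes are assumptions) and parses constructed IIS W3C log lines for requests that name such a copy. The sample files and log entries are constructed for the demonstration.

```python
import os
import re
import tempfile
from pathlib import Path

# Files whose contents commonly carry credentials or internal configuration on an
# IIS/ASP site. global.asa is from the finding; web.config is an assumed addition.
SENSITIVE_BASENAMES = {"global.asa", "web.config"}

# Suffixes that editors, deploy scripts and administrators commonly leave behind
# (assumed list; extend it to match local conventions).
BACKUP_SUFFIXES = (".bak", ".old", ".orig", ".tmp", ".save", ".swp", ".copy", "~")
NUMBERED_COPY = re.compile(r"^(.+)\.\d+$")  # e.g. global.asa.1, global.asa.20240101


def backup_source(filename):
    """Return the sensitive file `filename` looks like a backup of, or None.

    Matching is case-insensitive because IIS serves files case-insensitively,
    so Global.asa.BAK is just as exposed as global.asa.bak.
    """
    name = os.path.basename(filename).lower()
    for suffix in BACKUP_SUFFIXES:
        if name.endswith(suffix) and name[: -len(suffix)] in SENSITIVE_BASENAMES:
            return name[: -len(suffix)]
    m = NUMBERED_COPY.match(name)
    if m and m.group(1) in SENSITIVE_BASENAMES:
        return m.group(1)
    return None


def scan_webroot(root):
    """Walk a web root and return the relative paths of backup copies of sensitive files."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        if path.is_file() and backup_source(path.name):
            hits.append(path.relative_to(root).as_posix())
    return sorted(hits)


def find_backup_requests(log_text):
    """Parse IIS W3C extended log text and return (client_ip, uri, status) for every
    request whose URI names a backup copy of a sensitive file.

    The #Fields: directive drives the column positions, so the parser works with
    whatever field order the server was configured to log.
    """
    fields = None
    hits = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        cols = dict(zip(fields, line.split()))
        uri = cols.get("cs-uri-stem", "")
        if backup_source(uri):
            hits.append((cols.get("c-ip"), uri, cols.get("sc-status")))
    return hits


# Constructed log excerpt in IIS W3C format (not from a real server).
SAMPLE_IIS_LOG = """#Software: Microsoft Internet Information Services
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port c-ip cs(User-Agent) sc-status
2024-01-01 10:00:00 10.0.0.5 GET /default.asp - 80 198.51.100.7 Mozilla/5.0 200
2024-01-01 10:00:01 10.0.0.5 GET /global.asa.bak - 80 198.51.100.7 Mozilla/5.0 200
2024-01-01 10:00:02 10.0.0.5 GET /Global.asa.BAK - 80 203.0.113.9 curl/8.0 404
"""


def demo_webroot():
    """Build a constructed web root in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "inc").mkdir()
        for rel in ("global.asa", "global.asa.bak", "default.asp",
                    "inc/web.config.old", "inc/Global.asa~", "inc/notes.txt.bak"):
            (root / rel).write_text("constructed sample content\n")
        return scan_webroot(root)


if __name__ == "__main__":
    for rel in demo_webroot():
        print("backup copy of a sensitive file:", rel)
    for client_ip, uri, status in find_backup_requests(SAMPLE_IIS_LOG):
        print(f"request for {uri} from {client_ip} -> HTTP {status}")
```

A 200 response to a request for global.asa.bak means the copy was served and its contents (database host, user and password, per the summary) should be treated as exposed; a 404 still shows that someone probed for the file. Note that notes.txt.bak is deliberately not flagged: the scanner only reports backups of files that are known to carry secrets, which keeps the output short enough to act on.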