{"id":"CVE-2006-6104","details":"The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20.","modified":"2026-04-10T03:38:37.608891Z","published":"2006-12-21T19:28:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/23432"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23435"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23462"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23597"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23727"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23776"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23779"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200701-12.xml"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/5099"},{"type":"EVIDENCE","url":"http://secunia.com/advisories/23432"},{"type":"EVIDENCE","url":"http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/21687"},{"type":"FIX","url":"http://secunia.com/advisories/23432"},{"type":"FIX","url":"http://secunia.com/advisories/23435"},{"type":"FIX","url":"http://secunia.com/advisories/23462"},{"type":"FIX","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"},{"type":"FIX","url":"http://www.securityfocus.com/bid/21687"},{"type":"FIX","url":"http://www.ubuntu.com/usn/usn-397-1"},{"type":"WEB","url":"http://fedoranews.org/cms/node/2400"},{"type":"WEB","url":"http://fedoranews.org/cms/node/2401"},{"type":"WEB","url":"http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html"},{"type":"WEB","url":"http://securityreason.com/securityalert/2082"},{"type":"WEB","url":"http://securitytracker.com/id?1017430"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/454962/100/0/threaded"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"}],"schema_version":"1.7.5"}