ASP.NET application trace enabled

ASP.NET application trace enabled

Published on 2004-03-27. Updated on 2009-01-23.

Description:
The ASP.NET application trace is enabled. This file contains sensitive information such as Session ID values and physical path to the requested file.

Impact:
This file may expose sensitive information that may help an malicious user to prepare more advanced attacks.

Recommendation:
Remove this file from your website or change its permissions to remove access.

Tags: Scripts

Alert Tags: information_disclosure
ApplicableApplicationServer : ASP.NET
ApplicableOS: Windows
ApplicableWebServer: IIS

References:

Trace Logging

Go Back

• Product Information
• Download
• Product Tour
• Brochure (PDF)
• Pricing
• Testimonials
• Customer references
• Resell Acunetix
• Acunetix in the Press
• List of vulnerability checks

• Learn more
• SQL Injection
• Cross site scripting
• Web Security
• Directory Traversal
• Ajax Application Security
• Google Hacking