> LICENSE.LIC
A further related vulnerability exists than the ones already disclosed
regarding the Chili!Soft world read/write files. The license file, if you
use the "web console" utility to install/update your server license, will
be installed with world-write permission. Experienced BugTraq
access issues presented in the
BugTraQ Advisory "Chili!Soft ASP
Multiple Vulnerabilities" are directly related to the
ability to reach the /caspsamp virtual
directory. If one can not view the ASP Sample
applications from the web, one can not
access the configuration and log files fro
Author: Stan Bubrouski ([EMAIL PROTECTED])
Date: February 20, 2001
Package: Chili!Soft ASP
Versions affected: 3.5.2 and possibly previous versions.
Severity: (1) A remote user could potentially view sensative information and
take remote control of the server. (2) The installe