Tuesday, December 8, 2009

Asp Upload Persits Serial 3.0.0.6 Is There A Securuity Threat Using The Following Code: Set Upload = Server.CreateObject("Persits.U…

Is there a securuity threat using the following code: Set Upload = Server.CreateObject("Persits.U… - asp upload persits serial 3.0.0.6

When I use the following code:
Set Upload = Server.CreateObject ( "Persits.Upload") -> ASPUpload -> (for downloading) of files

The security for the housing problem is?

The Party hosting the claims as follows ... Is that true?

"Some" ASPUpload risky "dangerous properties than others. The most dangerous are the following:

· Registry ActiveX. With this function, an attacker can a Trojan ActiveX DLL on the server instead, the registry and call the script with simple ASP.

• a list of directories. With this function, users can browser through the disk of the Web server and downloading files.

• Identity theft of the account.

Remove · deleting files and directories.

After the installation of a shared responsibility ASPUpload web server, it is recommended that the away most or all of which are potentially dangerous, not activated, or at least some examples of code from the installation directory.

0 comments:

Post a Comment