{
  "modified": "2025-08-09T19:01:26Z",
  "published": "2006-12-21T19:28:00Z",
  "id": "CVE-2006-6104",
  "details": "The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23432"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23435"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23462"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23597"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23727"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23776"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/23779"
    },
    {
      "type": "ADVISORY",
      "url": "http://security.gentoo.org/glsa/glsa-200701-12.xml"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2006/5099"
    },
    {
      "type": "EVIDENCE",
      "url": "http://secunia.com/advisories/23432"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.securityfocus.com/bid/21687"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/23432"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/23435"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/23462"
    },
    {
      "type": "FIX",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"
    },
    {
      "type": "FIX",
      "url": "http://www.securityfocus.com/bid/21687"
    },
    {
      "type": "FIX",
      "url": "http://www.ubuntu.com/usn/usn-397-1"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2400"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/cms/node/2401"
    },
    {
      "type": "WEB",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/2082"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1017430"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/454962/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"
    }
  ]
}