ASP.NET Misconfiguration: Password in Configuration File

From OWASP

Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


Description

The clear-text passwords are in the configuration files. Clear-text passwords in the configuration files are subject to exposure in a variety of ways, including people getting access to the file, the file being served directly to a user due to a server error, a file download flaw, access to a backup copy, or some other exposure.

Examples

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Categories

This article is a stub. You can help OWASP by expanding it.

This template will categorize articles that include it into the Category:Stub category.

Retrieved from "http://www.owasp.org/index.php/ASP.NET_Misconfiguration:_Password_in_Configuration_File"
Personal tools