ASPXSpy.Detection

Release Date	Mar 31, 2009
Severity	Low
Impact	System Compromise: Remote attackers can gain control of vulnerable systems.
Description	This indicates a potential .NET ASP webshell upload. A malicious user may use this script to further compromise the targeted host.
Affected Products	N/A
Recommended Actions	Configure a Worker Process Identity (WPI) for an application pool.
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1436
Reference/s	http://www.vupen.com/english/advisories/2008/1264 (FrSIRT) http://www.milw0rm.com/exploits/6705

Reference: VID-15558