Mandriva Linux Security Advisory MDKSA-2006-234 - XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic.
8a127f50798d6860d450a586a8af3b0175981db6294bc0df3a14b9c3c9dfd77c
Ubuntu Security Notice 397-1 - Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application's source.
94419be4f07c7c1769569c844a7f0de39d524d4f3ae40d536ad18d6482417771