naa mate, sorted that out, it was just a blocked fan after all!! i did the scan i just got told about and have got this...
(MS05-004) ASP.NET Path Validation Vulnerability (887219)
Vulnerability Identifier: CAN-2004-0847
Discovery Date: Feb 8, 2005
Risk: Important
Vulnerability Assessment Pattern File: 023
Affected Software:
* Microsoft .NET Framework 1.0
* Microsoft .NET Framework 1.1
Description:
A canonicalization vulnerability exists in ASP.NET, which could allow a malicious user to access secure and protected files. The security mechanisms of an ASP.NET Web site can be bypassed to allow the malicious user unauthorized access.
Patch Information:
http://www.microsoft.com/technet/security/bulletin/MS05-004.mspx
Workaround Fixes:
* Apply the mitigation code module discussed in Microsoft Knowledge Base Article 887289. The mitigation code module provides protection on a server-basis.
* Make the following changes in the GLOBAL.ASAX file in the application root directory for each application on an affected system as an alternative to installing the module on a per-application basis:
<script runat=server language=cs>
void Application_BeginRequest(object src, EventArgs e)
{ if (Request.Path.IndexOf('\\') >= 0 || System.IO.Path.GetFullPath(Request.PhysicalPath) != Request.PhysicalPath) { throw new HttpException(404, "not found"); }}
</script>
* Install and use URLScan to help protect systems against a large number of issues stemming from improperly formed URL requests, including the publicly described issues addressed by this bulletin. Note however that URLScan does not protect your system as comprehensively as either the mitigation code module or the GLOBAL.ASAX script.
More information on URLScan is available in the following page:
http://www.microsoft.com/windows2000/downloads/recommended/urlscan/default.asp