|
Microsoft .NET Framework URL Path Validation Canonicalization Vulnerability
|
|
Secunia Advisory:
|
SA12749
|
|
|
Release Date:
|
2004-10-08
|
|
Last Update:
|
2005-11-21
|
|
Popularity:
|
14,903 views
|
|
|
Critical:
|
 Moderately critical
|
|
Impact:
|
Security Bypass
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | ASP.NET 1.x Microsoft .NET Framework 1.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
| | CVE reference: | CVE-2004-0847
|
|
Description: Toby Beaumont has reported a vulnerability in Microsoft .NET Framework, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to a canonicalization error in the ASP.NET component's authentication schema when validating URL paths. This can be exploited to bypass forms based authentication or Windows authorization configurations by using a specially crafted URL.
Example:
http://[victim]/secure%5Cfile.apx
Successful exploitation can e.g. lead to exposure of sensitive information.
Solution: Apply patches.
Microsoft .NET Framework 1.0 (requires SP3) for Windows 2000 SP3/SP4, Windows XP SP1/SP2, and Windows Server 2003:
http://www.microsoft.com/downloads/de...=4E6D56E5-3D8D-423B-99A1-41EDF23D65BC
Microsoft .NET Framework 1.0 (requires SP3) for Windows XP Tablet PC Edition and Windows XP Media Center Edition:
http://www.microsoft.com/downloads/de...=EE611D27-52CF-43DB-BB97-21318C7FAA70
Microsoft .NET Framework 1.0 (requires SP2) for Windows 2000 SP3/SP4, Windows XP SP1/SP2, and Windows Server 2003:
http://www.microsoft.com/downloads/de...=3271ACD5-EE3C-4BDF-AE28-56D2DF77151E
Microsoft .NET Framework 1.0 (requires SP2) for Windows XP Tablet PC Edition and Windows XP Media Center Edition:
http://www.microsoft.com/downloads/de...=33D4D33E-473F-4842-A3A8-C8266AEE8FAB
Microsoft .NET Framework 1.1 (requires SP1) for Windows 2000 SP3/SP4, Windows XP SP1/SP2, Windows XP Tablet PC Edition, or Windows XP Media Center Edition:
http://www.microsoft.com/downloads/de...=8EC6FB8A-29EB-49CF-9DBC-1A0DC2273FF9
Microsoft .NET Framework 1.1 (requires SP1) for Windows Server 2003:
http://www.microsoft.com/downloads/de...=9BBD5617-49AE-40BF-B0FA-F9049349C6F5
Microsoft .NET Framework 1.1 for Windows 2000 SP3/SP4, Windows XP SP1/SP2, Windows XP Tablet PC Edition, or Windows XP Media Center Edition:
http://www.microsoft.com/downloads/de...=C5E19719-000F-456A-BEAB-5BD7949F8AA2
Microsoft .NET Framework 1.1 for Windows Server 2003:
http://www.microsoft.com/downloads/de...=E54BE8BE-22AF-4390-86E1-25D76794D5C7
Windows XP Embedded SP1:
http://www.microsoft.com/downloads/de...=88c24367-4f1c-4728-900b-bbcb2b10bf45
Provided and/or discovered by: Toby Beaumont
Changelog: 2005-02-08: Vendor issues security bulletin and patches.
2005-02-09: Added link to US-CERT vulnerability note.
2005-11-21: Added patch information for Windows XP Embedded.
Original Advisory: MS05-004 (KB887219):
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
Other References: US-CERT VU#283646:
http://www.kb.cert.org/vuls/id/283646
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
5th Sep, 2008
|
New advisories:
|
14 |
|
New vulnerabilities:
|
18 |
|
Updated advisories:
|
22 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Solutions | More...
|
|