(Vendor Issues Fix) Microsoft .NET Forms Authentication Can Be Bypassed By Remote Users
|
|
SecurityTracker Alert ID: 1013109
|
|
SecurityTracker URL: http://securitytracker.com/id?1013109
|
|
CVE Reference: CAN-2004-0847
(Links to External Site)
|
Date: Feb 8 2005
|
Impact: User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 1.0, 1.1
|
Description: A vulnerability was reported in Microsoft .NET in the forms authentication. A remote user can bypass the authentication process.
In September 2004, Toby Beaumont reported that a remote user can supply an HTTP GET request with a specially crafted URL that contains
a backslash instead of a forward slash to gain access to the requested resource without having to authenticate.
An demonstration
exploit example URL is of the following format:
http://[target]/secure\somefile.aspx
|
Impact: A remote user can gain access to restricted resources without having to authenticate.
|
Solution: The vendor has issued the following fixes:
.NET Framework 1.0 Service Pack 3 for:
Windows 2000 Service Pack 3 or Service Pack
4
Windows XP Service Pack 1 or Windows XP Service Pack 2,
Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=4E6D56E5-3D8D-423B-99A1-41EDF2
3D65BC
.NET Framework 1.0 Service Pack 3 for:
Windows XP Tablet PC Edition
Windows XP Media Center Edition
http://www.microsoft.com/downloads/details.aspx?Fam
ilyId=33D4D33E-473F-4842-A3A8-C8266AEE8FAB
.NET Framework 1.0 Service Pack 2 for:
Windows 2000 Service Pack 3 or Service
Pack 4
Windows XP Service Pack 1 or Windows XP Service Pack 2,
Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=3271ACD5-EE3C-4BDF-AE28-5
6D2DF77151E
.NET Framework 1.0 Service Pack 2 for:
Windows XP Tablet PC Edition
Windows XP Media Center Edition
http://www.microsoft.com/downloads/details.asp
x?FamilyId=EE611D27-52CF-43DB-BB97-21318C7FAA70
.NET Framework 1.1 Service Pack 1 for:
Windows 2000 Service Pack 3 or Service
Pack 4
Windows XP Service Pack 1 or Windows XP Service Pack 2,
Windows XP Tablet PC Edition
Windows XP Media Center Edition
http://www.microsoft.com/downloads/detai
ls.aspx?FamilyId=8EC6FB8A-29EB-49CF-9DBC-1A0DC2273FF9
.NET Framework 1.1 Service Pack 1 for:
Windows Server 2003
http://www.microsoft.com/downloads/details.asp
x?FamilyId=9BBD5617-49AE-40BF-B0FA-F9049349C6F5
.NET Framework 1.1 for:
Windows 2000 Service Pack 3 or Service Pack 4
Windows
XP Service Pack 1 or Windows XP Service Pack 2,
Windows XP Tablet PC Edition
Windows XP Media Center Edition
http://www.microsoft.com/downloads/details.aspx?FamilyId
=C5E19719-000F-456A-BEAB-5BD7949F8AA2
.NET Framework 1.1 for:
Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=E54BE8BE-22AF-4390-8
6E1-25D76794D5C7
A restart is required after applying this update.
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms05-004.mspx (Links to External Site)
|
Cause: Access control error, Input validation error
|
Underlying OS: Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Tue, 8 Feb 2005 03:54:31 -0500
Subject: [none]
|
Microsoft February Update
|
|
