Vulnerability in Microsoft ASP.NET
Results 1 to 2 of 2

Thread: Vulnerability in Microsoft ASP.NET

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001

    Vulnerability in Microsoft ASP.NET

    -Simon \"SDK\"

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Rotterdam, Netherlands
    As usually is the case, they're extremely scarce with info.

    Reports have indicated that an attacker could send specially crafted requests to a Web server running ASP.NET applications and bypass forms based authentication or Windows authorization configurations, and potentially view secured content without providing the proper credentials.
    It basicly means that if you replace a / (forward slash) with a \ (backslash) in the URL you can circumvent the authentication mechanism.

    NTBugtraq post

    (Hope this long url bug is fixed )
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts