.Net Hive

A blog about Microsoft .Net Platform & other industry happenings

Yet another ASP.NET security flow

Recently I went through a report by Microsoft regarding a security flow in Microsoft ASP.NET technology. A security flow allows an intruder to enter password protected areas of a web site with some minor altering of the URL. And according to that report, there is no FIX available yet, but Microsoft has published guidelines to help ASP.NET users to secure their sites against such intrusions. By the way, this is a an ASP.NET specific flow and does not effect Classic ASP.

According to Microsoft: “This issue affects Web content owners who are running any version of ASP.NET on Microsoft Windows 2000, Windows 2000 Server, Windows XP Professional, and Windows Server 2003.” According to a data collected by Netcraft, over 2.9 million active sites are based on ASP.NET technology at the moment.

This flow involves a bug in ASP.NET’s handling of URLs i.e. “canonicalization”. If a visitor to an ASP.NET based site replace “/” with “\” or “%5C” character in the URL, they may be able to bypass the password protected screens. Space substitution for the Slash also mimics the same behaviour. According to security researchers, this flow operates differently in Mozilla and IE. It also apparently allows authenticated users to bypass password protection on administrative areas of a site.

Waqas Ahmed

Advertisements

Filed under: ASP.NET, ,

Pages

Categories

Archives

.Net Hive @ Twitter

Blog Directory by Blog Flux
Computers/Tech blogs