SUSE CVE-2011-3416

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."...

Microsoft ASP.NET Forms Authentication Bypass

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Microsoft ASP.NET Forms Authentication Bypass product: Microsoft .NET Framework vulnerable version: Microsoft .NET Framework Version:4.0.30319; ASP.NET...

Microsoft ASP.NET Authentication Bypass Elevation of Privilege (MS11-100; CVE-2011-3416)

An elevation of privilege vulnerability has been reported in Microsoft ASP.NET...

SEC Consult SA-20111230-0 :: Critical authentication bypass in Microsoft ASP.NET Forms - CVE-2011-3416

SEC Consult Vulnerability Lab Security Advisory 20111230-0 ======================================================================= title: Microsoft ASP.NET Forms Authentication Bypass product: Microsoft .NET Framework vulnerable version: Microsoft .NET Framework Version:4.0.30319; ASP.NET...

CVE-2011-3416

CVE-2011-3416 affects Microsoft .NET Framework's ASP.NET Forms Authentication, allowing remote authenticated users to obtain access to arbitrary user accounts via a crafted username. Affected: .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0. The issue is addressed by MS11-100; vulnerable...

Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

This host is missing a critical security update according to Microsoft Bulletin MS11-100. OpenVAS Vulnerability Test $Id: secpodms11-100.nasl 5362 2017-02-20 12:46:39Z cfi $ Vulnerabilities in .NET Framework Could Allow Elevation of Privilege 2638420 Authors: Sooraj KS Copyright: Copyright c 2011...

Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

This host is missing a critical security update according to Microsoft Bulletin MS11-100. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET Framework 用户验证权限提升漏洞(CVE-2011-3416)

BUGTRAQ ID: 51201 CVE ID: CVE-2011-3416 ASP.NET是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 Microsoft .NET Framework在用户验证的实现上存在权限提升漏洞，攻击者可利用此漏洞非法访问另一个用户账户，以其权限执行任意命令。要利用此漏洞，非法攻击者需要在ASP.NET应用上注册一个帐户并了解目标用户的现有帐户名，然后使用之前注册的账目名访问该帐户来构造特制的Web请求。 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x...

MS11-100: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

The remote Windows host is running a version of the Microsoft ASP.NET Framework that has multiple vulnerabilities. These include: - A flaw exists in the way ASP.NET generates hash tables for user-supplied values. By sending a small number of specially crafted posts to an ASP.NET server, an attack...