SEC Consult SA-20111230-0 :: Critical authentication bypass in Microsoft ASP.NET Forms - CVE-2011-3416
SEC Consult Vulnerability Lab Security Advisory 20111230-0. title: Microsoft ASP.NET Forms Authentication Bypass; product: Microsoft .NET Framework; vulnerable version: Microsoft .NET Framework Version:4.0.30319; ASP.NET...
CVE-2011-3417
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL, ak...
CVE-2011-3416
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."...
Authentication flaw
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."...
Authentication flaw
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL, ak...
CVE-2011-3415
Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka "Insecure Redirect in...
CVE-2011-3414
CVE-2011-3414 concerns a denial-of-service in the Microsoft .NET Framework ASP.NET HashTable mapping. The vulnerability arises from the CaseInsensitiveHashProvider.getHashCode function used by the HashTable implementation across .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, which can ...
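Microsoft .NET Framework User Authentication Privilege Escalation Vulnerability (CVE-2011-3416)
BUGTRAQ ID: 51201 CVE ID: CVE-2011-3416 ASP.NET is a system distributed by Microsoft that helps developers build web-based applications. Microsoft .NET Framework has a privilege escalation vulnerability in its implementation of user authentication; an attacker can exploit it to gain unauthorized access to another user's account and execute arbitrary commands with that user's privileges. To exploit this vulnerability, the attacker needs to register an account on the ASP.NET application and know the existing account name of the target user, then construct a specially crafted web request using the previously registered account name to access that account. 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x...
Microsoft .NET Framework Cache Handling Code Execution Vulnerability
BUGTRAQ ID: 51203 CVE ID: CVE-2011-3417 ASP.NET is a system distributed by Microsoft that helps developers build web-based applications. Microsoft .NET Framework has a privilege escalation vulnerability in the way it handles cached content; by sending a specially crafted link and enticing a user to open it, an attacker can exploit this vulnerability to execute arbitrary malicious code. 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft .NET Framework 2.x Microsoft .NET Framework 1.x Vendor patch: Microso...
Microsoft .NET Framework Forms Authentication URL Spoofing Vulnerability
BUGTRAQ ID: 51202 CVE ID: CVE-2011-3415 ASP.NET is a system distributed by Microsoft that helps developers build web-based applications. Microsoft .NET Framework has a spoofing vulnerability when validating the return URL during forms authentication; an attacker who successfully exploits it can redirect users to a malicious site and then carry out phishing attacks to obtain sensitive user information. This vulnerability does not allow an attacker to directly execute code or elevate their user privileges. 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft .NET Framework 2.x Microsoft...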
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
This host is missing a critical security update according to Microsoft Bulletin MS11-100. OpenVAS Vulnerability Test $Id: secpodms11-100.nasl 5362 2017-02-20 12:46:39Z cfi $ Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420) Authors: Sooraj KS Copyright: Copyright (c) 2011...
CVE-2011-1253
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NE...
Design/Logic Flaw
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NE...
Microsoft .Net and Silverlight Framework Remote Code Execution (MS11-078; CVE-2011-1253)
A remote code execution vulnerability has been reported in the Microsoft .NET Framework and Silverlight frameworks. The vulnerability is due to the way that the .NET Framework and Silverlight restrict inheritance within classes. A remote attacker may exploit this vulnerability by enticing...
Microsoft .NET Framework Information Disclosure Vulnerability (2567951)
This host is missing an important security update according to Microsoft Bulletin MS11-069. OpenVAS Vulnerability Test $Id: secpodms11-069.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft .NET Framework Information Disclosure Vulnerability (2567951) Authors: Sooraj KS Copyright: Copyright (c) 2011...
Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
This host is missing an important security update according to Microsoft Bulletin MS11-066. OpenVAS Vulnerability Test $Id: secpodms11-066.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943) Authors: Sooraj KS Copyright: Copyrig...
Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
This host is missing an important security update according to Microsoft Bulletin MS11-066. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2011-1978
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET...
Design/Logic Flaw
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET...