CVE-2004-0847 - OpenCVE

The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability."

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Asp.net

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:asp.net::::::::
	cpe:2.3:a:microsoft:asp.net:1.1:sp1::::::

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html
http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754
http://www.kb.cert.org/vuls/id/283646
http://www.securityfocus.com/bid/11342
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-004
https://exchange.xforce.ibmcloud.com/vulnerabilities/17644
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3556
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4987

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-10-06T04:00:00

Updated: 2024-08-08T00:31:47.674Z

Reserved: 2004-09-08T00:00:00

Link: CVE-2004-0847

Vulnrichment

No data.

NVD

Status : Modified

Published: 2004-11-03T05:00:00.000

Modified: 2018-10-12T21:35:23.200

Link: CVE-2004-0847

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-09-14T00:00:00", "descriptions": [{"lang": "en", "value": "The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) \"\\\" (backslash) or (2) \"%5C\" (encoded backslash), aka \"Path Validation Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "MS05-004", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-004"}, {"tags": ["x_refsource_MISC"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754"}, {"name": "oval:org.mitre.oval:def:4987", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4987"}, {"name": "TA05-039A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"}, {"name": "windows-forms-security-bypass(17644)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17644"}, {"name": "oval:org.mitre.oval:def:3556", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3556"}, {"name": "VU#283646", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/283646"}, {"name": "11342", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11342"}, {"name": "20040914 Security bug in .NET Forms Authentication", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"], "url": "http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0847", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) \"\\\" (backslash) or (2) \"%5C\" (encoded backslash), aka \"Path Validation Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "MS05-004", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-004"}, {"name": "http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754", "refsource": "MISC", "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754"}, {"name": "oval:org.mitre.oval:def:4987", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4987"}, {"name": "TA05-039A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"}, {"name": "windows-forms-security-bypass(17644)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17644"}, {"name": "oval:org.mitre.oval:def:3556", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3556"}, {"name": "VU#283646", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/283646"}, {"name": "11342", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11342"}, {"name": "20040914 Security bug in .NET Forms Authentication", "refsource": "NTBUGTRAQ", "url": "http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:31:47.674Z"}, "title": "CVE Program Container", "references": [{"name": "MS05-004", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-004"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754"}, {"name": "oval:org.mitre.oval:def:4987", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4987"}, {"name": "TA05-039A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"}, {"name": "windows-forms-security-bypass(17644)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17644"}, {"name": "oval:org.mitre.oval:def:3556", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3556"}, {"name": "VU#283646", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/283646"}, {"name": "11342", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/11342"}, {"name": "20040914 Security bug in .NET Forms Authentication", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0847", "datePublished": "2004-10-06T04:00:00", "dateReserved": "2004-09-08T00:00:00", "dateUpdated": "2024-08-08T00:31:47.674Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B666A98-0AC9-41D5-AB92-226BB6BC4681", "versionEndIncluding": "1.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:asp.net:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "CC441C4B-3A1E-4709-8601-44477A6D5FA0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) \"\\\" (backslash) or (2) \"%5C\" (encoded backslash), aka \"Path Validation Vulnerability.\""}, {"lang": "es", "value": "La caracter\u00edstica de autenticaci\u00f3n en formularios .NET permite a atacantes remotos evitar la autenticaci\u00f3n de ficheros .aspx en directorios restringidos mediante una petici\u00f3n conteniendo un (1) 1) \"\" (barra invertida) or (2) \"\"%5C\"\" (barra invertida codificada)."}], "id": "CVE-2004-0847", "lastModified": "2018-10-12T21:35:23.200", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2004-11-03T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/283646"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/11342"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-004"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17644"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3556"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4987"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}