
U-074: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users

January 4, 2012 - 8:00am


PROBLEM:

Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users.

PLATFORM:

Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

ABSTRACT:

A remote user can execute arbitrary commands on the target system. A remote user can access a target user's account. A remote user can redirect users to arbitrary sites.

REFERENCE LINKS:

Microsoft Security Bulletin MS11-100
SecurityTracker Alert ID: 1026479

IMPACT ASSESSMENT:

High

Discussion:

Several vulnerabilities were reported in Microsoft .NET. A remote user can execute arbitrary commands on the target application. A remote user can redirect users. A remote user can access a target user's account.

A remote user can exploit a flaw in the verification of return URLs during forms authentication to redirect the target user to an arbitrary web site (CVE-2011-3415).
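The return-URL verification that CVE-2011-3415 concerns, shown as an added Python example rather than ASP.NET code; it is not Microsoft's code and does not reproduce the MS11-100 fix. The function names, the rules for what counts as a "local" URL, and the sample inputs are assumptions constructed for illustration.

```python
"""Return-URL validation for a forms-authentication login handler.

Added example, not Microsoft's code; it does not reproduce the MS11-100 fix.
The "local URL" rules below are an assumption: only a path on the same
origin is accepted, so the login page cannot bounce a user to another site.
"""
from typing import Optional
from urllib.parse import urlsplit

DEFAULT_LANDING = "/"  # constructed default used when ReturnUrl is rejected


def is_local_return_url(url: str) -> bool:
    """True only for same-origin, path-only targets such as "/account" or "~/account".

    Rejected: absolute URLs (any scheme), protocol-relative "//host", the
    backslash variant "/\\host" (browsers treat "\\" as "/"), and anything
    containing whitespace or control characters, which browsers strip before
    parsing and which could therefore turn a "local" path into "//host".
    """
    if not url or len(url) > 2048:
        return False
    if any(ch.isspace() or ord(ch) < 0x20 or ord(ch) == 0x7F for ch in url):
        return False
    # ASP.NET's "~/" app-relative prefix maps to the application root.
    if url.startswith("~/"):
        url = url[1:]
    if not url.startswith("/"):
        return False
    if len(url) > 1 and url[1] in "/\\":
        return False
    parts = urlsplit(url)
    # urlsplit must agree that there is neither a scheme nor an authority.
    return parts.scheme == "" and parts.netloc == ""


def redirect_after_login(return_url: Optional[str]) -> str:
    """Where the login handler sends the user once credentials check out."""
    if return_url is not None and is_local_return_url(return_url):
        return return_url
    return DEFAULT_LANDING


if __name__ == "__main__":
    # Constructed sample inputs: values a ReturnUrl query parameter might carry.
    for candidate in ("/account/orders", "~/account", "//evil.example/",
                      "/\\evil.example/", "http://evil.example/", "/\tevil.example"):
        print(f"{candidate!r:24} -> {redirect_after_login(candidate)}")
```

Rejecting rather than normalising a suspicious value keeps the check simple to reason about: anything not provably a same-origin path falls back to the default landing page.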

A remote user with a registered account on the target ASP.NET application can submit a specially crafted request using that account to exploit an authentication flaw and gain access to the target user's account (CVE-2011-3416).

A remote user can exploit a flaw in the handling of cached content when Forms Authentication is used with sliding expiry to execute arbitrary commands on the target site in the context of the target user (CVE-2011-3417).

Impact:

A remote user can execute arbitrary commands on the target system. A remote user can access a target user's account. A remote user can redirect users to arbitrary sites.

Solution:

The vendor has issued a fix. A patch matrix is available in the vendor's advisory, Microsoft Security Bulletin MS11-100.
