HTTP: IIS ASP Request Validation Flaw Exploitation

This signature detects attempts to exploit a known vulnerability in Microsoft ASP.NET framework. The ASP.NET feature "Request Validation" is designed to prevent XSS (Cross-Site Scripting) in ASP applications. Due to an implementation flaw, attackers can send HTTP parameters encoded with a NULL character to pass the validation filter; these parameters are then correctly intepreted by Web browsers (including IE6).

Extended Description

Request Validation, a feature included in ASP.NET 1.1, may not adequately sanitize hostile user-supplied input. ASP scripts that depend on Request Validation to sanitize user-supplied input may still be prone to cross-site scripting or HTML injection attacks as a result. Request Validation may be bypassed by including a null byte (%00) in malicious user-supplied input. It should be noted that this can also create a false sense of security, since the expectation is that Request Validation should sufficiently sanitize hostile input.

Affected Products

Microsoft asp.net

References

BugTraq: 8562

URL: http://securityfocus.com/archive/1/336563/2003-09-05/2003-09-11/0

Short Name

HTTP:XSS:ASP-REQ-VALIDATION

Severity

Minor

Recommended

False

Recommended Action

None

HTTP: IIS ASP Request Validation Flaw Exploitation

Extended Description

Affected Products

References

Found a potential security threat?