{"vuid":"VU#283646","idnumber":"283646","name":"Microsoft ASP.NET fails to perform proper canonicalization","keywords":["Microsoft","ASP.NET","canonicalization","ms07-oct"],"overview":"Microsoft ASP.NET contains a canonicalization vulnerability that may allow a remote unauthenticated attacker to gain access to secure contents.","clean_desc":"Microsoft ASP.NET is a programming framework for creating web applications. The canonicalization routine used by ASP.NET fails to correctly parse URLs.","impact":"Depending on the contents of the web site, an attacker may take a variety of actions. For example, a remote unauthenticated attacker may be able to access secure web site contents by using a specially crafted URL.","resolution":"Install an update\nInstall an update, as specified by MS05-004.","workarounds":"Workarounds Microsoft includes the following workarounds in MS05-004: Install an HTTP module to check for canonicalization issues as described in Microsoft Knowledge Base article 87289. Test for canonicalization issues with ASP.NET as described in Microsoft Knowledge Base article 887459. Install and use URLScan.","sysaffected":"","thanks":"This vulnerability was publicly disclosed by Toby Beaumont.","author":"This document was written by Will Dormann.","public":["http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx","http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx","http://www.microsoft.com/windows2000/downloads/recommended/urlscan/default.asp","http://support.microsoft.com/kb/887289","http://support.microsoft.com/kb/887459","http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html","http://xforce.iss.net/xforce/xfdb/17644","http://www.securityfocus.com/bid/11342","http://secunia.com/advisories/12749/","http://securitytracker.com/alerts/2004/Oct/1011559.html","http://securitytracker.com/alerts/2005/Feb/1013109.html"],"cveids":["CVE-2004-0847"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-10-07T19:18:46Z","publicdate":"2004-10-05T00:00:00Z","datefirstpublished":"2005-02-09T00:29:48Z","dateupdated":"2007-10-16T20:58:07Z","revision":13,"vrda_d1_directreport":"0","vrda_d1_population":"4","vrda_d1_impact":"4","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"15","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"37.96875","cam_scorecurrentwidelyknown":"37.96875","cam_scorecurrentwidelyknownexploited":"63.28125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":37.96875,"vulnote":null}