ASP.NET contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered when a specially crafted URL which takes advantage of character handling is used to directly access a file which otherwise requires authentication. It is possible that the flaw may allow unauthorized file access resulting in a loss of confidentiality.

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

• Security Tracker: 1011559
• Bugtraq ID: 11342
• Secunia Advisory ID: 12749
• ISS X-Force ID: 17644
• CVE ID: 2004-0847 (see also: NVD)
• Microsoft Knowledge Base Article: 887459
• Mail List Post: http://archives.neohapsis.com/archives/ntbugtraq/2004-q3/0221.html
  http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0028.html
• Other Advisory URL: http://sourceforge.net/mailarchive/forum.php?thread_id=5671607&forum_id=24754
• Vendor Specific Solution URL: http://www.microsoft.com/downloads/details.aspx?familyid=DA77B852-DFA0-4631-AAF9-8BCC6C743026&displaylang=en
• Microsoft Security Bulletin: MS05-004

• Toby Beaumont - tobycreator.co.uk -