Microsoft ASP.NET ValidateRequest Filters Bypass

Medium Nessus Plugin ID 58601

Synopsis

The web application framework used on the remote host may be
susceptible to cross-site scripting attacks.

Description

According to the HTTP headers received from the remote host, the web
server is configured to use the ASP.NET framework.

This framework includes the ValidateRequest feature, which ASP.NET web
applications use to filter user input in an attempt to prevent
cross-site scripting attacks. However, this set of filters can be
bypassed, so a web application that relies on it as its sole
protection mechanism remains exposed.

Solution

Determine whether any ASP.NET web applications rely solely on the
ValidateRequest feature and, if so, add further protections.

See Also

http://www.nessus.org/u?e41a641e

http://msdn.microsoft.com/en-us/library/bb355989.aspx

http://www.nessus.org/u?553a368a

Plugin Details

Severity: Medium

ID: 58601

File Name: asp_net_validaterequest_bypass.nasl

Version: 1.9

Type: remote

Family: Web Servers

Published: 2012/04/05

Modified: 2018/12/06

Dependencies: 67257

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2008-3842

CVSS v2.0

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS v3.0

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Vulnerability Information

CPE: cpe:/a:microsoft:.net_framework, cpe:/o:microsoft:windows

Vulnerability Publication Date: 2008/08/21

Reference Information

CVE: CVE-2008-3842, CVE-2008-3843

CWE: 79