Signature Detail

HTTP: IIS ASP Cross Site Scripting Bypass

This signature detects attempts to exploit a known vulnerability against Microsoft ASP Web server. Attackers can use this vulnerability to create cross site scripting.

Extended Description

Microsoft ASP.NET is prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input before it is rendered in the browser of an unsuspecting user in the context of the affected site. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user, with the privileges of the victim user’s account. This may help the attacker steal cookie-based authentication credentials, retrieve sensitive information, and launch other attacks.

Affected Products

• Microsoft .NET Framework 2.0
• Microsoft Windows 2000 Server SP4
• Microsoft Windows Server 2003 Datacenter Edition SP1
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition SP1
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition SP1
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition SP1
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows XP Home SP1
• Microsoft Windows XP Home SP2
• Microsoft Windows XP Media Center Edition SP1
• Microsoft Windows XP Media Center Edition SP2
• Microsoft Windows XP Media Center Edition
• Microsoft Windows XP Professional SP1
• Microsoft Windows XP Professional SP2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Tablet PC Edition

References

• BugTraq: 20337
• CVE: CVE-2006-3436
• URL: http://www.microsoft.com/technet/security/bulletin/MS06-056.mspx