Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft .NET Framework权限许可和访问控制问题漏洞
Vulnerability Description
ASP.NET是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 Microsoft .NET Framework在用户验证的实现上存在权限许可和访问控制漏洞。攻击者可利用该漏洞非法访问另一个用户账户,以其权限执行任意命令。若要利用该漏洞,非法攻击者需要在ASP.NET应用上注册一个帐户并了解目标用户的现有帐户名,然后使用之前注册的账目名访问该帐户来构造特制的Web请求。
CVSS Information
N/A
Vulnerability Type
N/A