lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <KFEMINDBKGBEMHACCJHCMEHCEIAA.brett.moore@security-assessment.com>
Date: Tue, 13 Jul 2004 14:52:15 +1200
From: "Brett Moore" <brett.moore@...urity-assessment.com>
To: "Bugtraq@...urityfocus. Com" <bugtraq@...urityfocus.com>
Subject: White Paper: 0x00 vs ASP file upload scripts


We are proud to announce the release of our latest white paper
titled 0x00 vs ASP file upload scripts.

.Abstract.
The affects of the `Poison NULL byte` have not been widely
explored in ASP, but as with other languages the NULL byte
can cause problems when ASP passes data to objects.

Many upload systems written in ASP suffer from a common
problem whereby a NULL byte can be inserted into the filename
parameter leading to any extension, after the null byte,
being ignored when writing the file. 

This means that in some cases it is possible to bypass 
checks for valid extensions, even if one is appended by the 
application. This is very similar to attacks against perl and 
PHP, the difference being how the null byte is sent to the 
application.

This problem arises when data is compared and validated in ASP 
script but passed to the FileSystemObject without checking for 
NULL bytes.

This document will discuss how ASP upload scripts can be 
affected by the Poison NULL byte attack.

.Download.
This white paper is freely available for download from our website
www.security-assessment.com under the releases->white papers section.

Any feedback or follow up to this is most welcome,

Regards

Brett Moore
Network Intrusion Specialist, CTO
Security-Assessment.com Ltd
www.security-assessment.com 


######################################################################
CONFIDENTIALITY NOTICE: 

This message and any attachment(s) are confidential and proprietary. 
They may also be privileged or otherwise protected from disclosure. If 
you are not the intended recipient, advise the sender and delete this 
message and any attachment from your system. If you are not the 
intended recipient, you are not authorised to use or copy this message 
or attachment or disclose the contents to any other person. Views 
expressed are not necessarily endorsed by Security-Assessment.com 
Limited. Please note that this communication does not designate an 
information system for the purposes of the New Zealand Electronic 
Transactions Act 2003.
######################################################################


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ