CVE-2007-0042

Microsoft .NET Framework 1.0, 1.1, 2.0 - Unauthorized Sensitive Information Exposure via Null Byte Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0042. PoCs published by Paul Craig.

AI-analyzed exploit summary: The provided text describes a NULL-byte injection vulnerability in Microsoft .NET Framework, where unsanitized user input can lead to information disclosure or other attacks. The example URL demonstrates the vulnerability but lacks executable exploit code.

Description

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring of a string, via %00 characters, related to use of %00 as a string terminator within POSIX functions but a data character within .NET strings, aka "Null Byte Termination Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED
by Paul Craig · text · remote · windows
https://www.exploit-db.com/exploits/30281


Classification: Writeup 80%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Theoretical
Target: Microsoft .NET Framework (unspecified version)
No auth needed
Prerequisites: Access to a vulnerable .NET Framework application · Ability to inject NULL bytes into user-supplied input
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Various Sources vendor-advisory x_refsource_hp
http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2482
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2070
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26003
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-191A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018356

Scores

EPSS 0.7615
EPSS Percentile 99.5%

Details

CWE: CWE-200
Status: published
Products (3)
microsoft/.net_framework 1.0
microsoft/.net_framework 1.1
microsoft/.net_framework 2.0
Published: Jul 10, 2007
Tracked Since: Feb 18, 2026