H-Sphere versions: All
The structure of the .NET configuration file changed in ASP.NET v.1.1, which resulted
in a severe local exploit. The suggested patch corrects settings in the configuration
file so that customer scripts are executed under the corresponding user account
rather than the built-in System account.
The improved patch does the following:
- Sets the following tag in C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\machine.config:
<identity impersonate="true"/>
- Adds allowDefinition="MachineOnly" to the tag that defines the identity configuration section:
<section name="identity" type="System.Web.Configuration.IdentityConfigHandler, System.Web, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" allowDefinition="MachineOnly" />
- In line with Microsoft's information, adds user groups with read/write permissions to the directory
C:\Documents and settings\ServerName\ASPNET\local settings\temp
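A read-only check for the two machine.config settings listed above, as an added example that is not part of the H-Sphere patch. The embedded XML is a constructed, trimmed sample, and the function name audit_machine_config is an assumption made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed machine.config holding only the elements the patch touches.
SECTION_TYPE = ("System.Web.Configuration.IdentityConfigHandler, System.Web, "
                "Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
TEMPLATE = """<configuration>
  <configSections>
    <sectionGroup name="system.web">
      <section name="identity" type="{type}" {allow}/>
    </sectionGroup>
  </configSections>
  <system.web>
    <identity impersonate="{impersonate}"/>
  </system.web>
</configuration>"""
PATCHED = TEMPLATE.format(type=SECTION_TYPE, allow='allowDefinition="MachineOnly"', impersonate="true")
UNPATCHED = TEMPLATE.format(type=SECTION_TYPE, allow="", impersonate="false")


def audit_machine_config(xml_text):
    """Return a list of findings; an empty list means both patch settings are in place."""
    root = ET.fromstring(xml_text)
    findings = []

    # Setting 1: <identity impersonate="true"/> inside <system.web>.
    identities = [i for sw in root.iter("system.web") for i in sw.iter("identity")]
    if not identities:
        findings.append("no <identity> element under <system.web>")
    for ident in identities:
        if ident.get("impersonate") != "true":
            findings.append('<identity> has impersonate="%s"' % ident.get("impersonate"))

    # Setting 2: the section definition must be locked to machine.config, so a
    # site-level web.config cannot redefine <identity>.
    sections = [s for g in root.iter("sectionGroup") if g.get("name") == "system.web"
                for s in g.iter("section") if s.get("name") == "identity"]
    if not sections:
        findings.append("identity section definition not found in <configSections>")
    for sec in sections:
        if sec.get("allowDefinition") != "MachineOnly":
            findings.append('identity section has allowDefinition="%s"' % sec.get("allowDefinition"))
    return findings


if __name__ == "__main__":
    for label, text in (("patched", PATCHED), ("unpatched", UNPATCHED)):
        print(label, audit_machine_config(text) or "OK")
```

To check a server, pass the function the contents of the machine.config file named above, read in binary mode.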