Microsoft SharePoint Service Help.aspx 'tid' Parameter DoS

medium Nessus Plugin ID 47579

Synopsis

An application running on the remote web server has a denial of service vulnerability.

Description

The version of Microsoft SharePoint Services running on the remote host has a denial of service vulnerability. Sending invalid data to the 'tid' parameter of 'help.aspx' can cause the application to hang.

A remote attacker could exploit this by sending malicious requests, causing SharePoint to hang temporarily, resulting in a denial of service. Repeatedly sending malicious requests can cause SharePoint's application pool to stop, which would require a manual restart of the application pool.

Solution

Microsoft has released a set of patches for SharePoint Services.

See Also

https://www.nessus.org/u?6b560bdb

Plugin Details

Severity: Medium

ID: 47579

File Name: sharepoint_help_dos.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 7/1/2010

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS Score Source: CVE-2010-1264

Vulnerability Information

Required KB Items: www/ASP, www/sharepoint, Settings/ParanoidReport

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 6/8/2010

Vulnerability Publication Date: 6/8/2010

Reference Information

CVE: CVE-2010-1264

BID: 40559

IAVA: 2010-A-0079-S

MSFT: MS10-039

MSKB: 2328360, 2344911, 2344993, 2345000, 2345009, 2345043, 2346411

Secunia: 39603