MS11-100: ASP.NET Could Allow Denial of Service (2638420) (uncredentialed check)

medium Nessus Plugin ID 57561

Synopsis

The version of ASP.NET Framework running on the remote host is affected by a denial of service vulnerability.

Description

The remote Windows host is running a version of ASP.NET that is affected by a hash collision denial of service. A flaw exists in the way ASP.NET generates hash tables for user-supplied values.
By sending a small number of specially crafted POST requests to a web server that uses ASP.NET, an attacker can take advantage of this flaw to cause a denial of service condition.

Note that this script only runs if 'Report paranoia' is set to 'Paranoid' and the 'Perform thorough tests' setting is enabled.

Solution

Microsoft has released a set of patches for the .NET Framework on Windows XP, 2003, Vista, 2008, 7, and 2008 R2.

See Also

http://www.nruns.com/_downloads/advisory28122011.pdf

http://www.nessus.org/u?9d25a71e

Plugin Details

Severity: Medium

ID: 57561

File Name: asp_net_hash_collision_dos.nbin

Version: 1.103

Type: remote

Family: CGI abuses

Published: 1/16/2012

Updated: 7/17/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2011-3414

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: www/ASP, www/iis, Settings/enable_web_app_tests

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/29/2011

Vulnerability Publication Date: 12/28/2011

Exploitable With

Core Impact

Reference Information

CVE: CVE-2011-3414

BID: 51186