MS14-009: Vulnerabilities in .NET Framework Could Allow Privilege Escalation (2916607)

high Nessus Plugin ID 72432

Language:

Synopsis

The version of the .NET Framework installed on the remote host is affected by multiple vulnerabilities.

Description

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by multiple vulnerabilities :

- An error exists related to handling stale or closed HTTP client connections that can allow denial of service attacks. (CVE-2014-0253)

- An error exists related to decisions regarding the safety of executing certain methods that can allow privilege escalation. (CVE-2014-0257)

- An error exists related to the component 'VSAVB7RT' that can allow Address Space Layout Randomization (ASLR) bypasses. (CVE-2014-0295)

Solution

Microsoft has released a set of patches for .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4.0, 4.5, and 4.5.1.

Plugin Details

Severity: High

ID: 72432

File Name: smb_nt_ms14-009.nasl

Version: 1.17

Type: local

Agent: windows

Family: Windows : Microsoft Bulletins

Published: 2/12/2014

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:.net_framework

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/11/2014

Vulnerability Publication Date: 2/11/2014

Exploitable With

Metasploit (MS14-009 .NET Deployment Service IE Sandbox Escape)

Reference Information

CVE: CVE-2014-0253, CVE-2014-0257, CVE-2014-0295

BID: 65415, 65417, 65418

MSFT: MS14-009

MSKB: 2898855, 2898856, 2898857, 2898858, 2898860, 2898864, 2898865, 2898866, 2898868, 2898869, 2898870, 2898871, 2901110, 2901111, 2901112, 2901113, 2901115, 2901118, 2901119, 2901120, 2901125, 2901126, 2901127, 2901128, 2911501, 2911502

Detections

Analytics