Summary
This host is missing a critical security update according to Microsoft Bulletin MS11-100.
Impact
Successful exploitation could allow attacker to cause a denial of service, conduct spoofing attacks or bypass certain security restrictions.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms11-100
Insight
- An error within ASP.NET when hashing form posts and updating a hash table.
This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request.
- Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL.
- The Forms Authentication feature in the ASP.NET subsystem allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username.
- The Forms Authentication feature in the ASP.NET subsystem when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL.
Affected
Microsoft .NET Framework 4
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 3.5 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 1.1 Service Pack 1
References
- http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx
- http://secunia.com/advisories/47323
- http://technet.microsoft.com/en-us/security/bulletin/ms11-100
- http://www.kb.cert.org/vuls/id/903934
- http://www.nruns.com/_downloads/advisory28122011.pdf
- http://www.ocert.org/advisories/ocert-2011-003.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-3414, CVE-2011-3415, CVE-2011-3416, CVE-2011-3417 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
- Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)
- Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805)
- ADODB.Stream object from Internet Explorer (KB870669)
- Microsoft Internet Explorer Memory Corruption Vulnerability (2755801)