| Field | Value |
|---|---|
| VID | 26060 |
| Severity | 40 |
| Port | 139,445 |
| Protocol | TCP |
| Class | SMB |
| Detailed Description | The Hotfix (Q322289) for 'Buffer Overflow Vulnerability due to the unchecked buffer in ASP.NET Worker Process' has not been applied. ASP.NET is a collection of technologies within the .NET Framework that lets developers build web applications and XML Web Services. Version 1.0 of the Microsoft .NET Framework is vulnerable to a buffer overflow. ASP.NET provides session state management through a variety of modes; one of these is StateServer mode, which stores session state information in a separate, running process. In StateServer mode, a buffer overflow can occur because a function that processes cookie data in the ASPState service fails to properly check the length of the cookies passed to it. By sending a malformed cookie to an affected ASP.NET application, a remote attacker can overflow a buffer and cause the application to restart or possibly execute arbitrary code on the Web server. StateServer mode is not the default mode for session state management in ASP.NET, and ASP.NET applications using StateServer mode that do not use cookies are not vulnerable. |
| Note | This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a False Negative for all vulnerable hosts. |
| References | http://www.microsoft.com/technet/security/bulletin/MS02-026.asp, http://www.kb.cert.org/vuls/id/375859 |
| Platforms Affected | Microsoft .NET Framework version 1.0, of which ASP.NET is a component; Windows NT (any version); Windows 2000 (any version) |
| Recommendation | Apply the appropriate patch for your system, as listed in Microsoft's security bulletin MS02-026 at http://www.microsoft.com/technet/security/bulletin/MS02-026.asp: 1. Open the page http://www.microsoft.com/Downloads/Release.asp?ReleaseID=39298. 2. Select a different language from the drop-down list and click the "Go" button. 3. Click the "Download" button to download the patch file. 4. Run this file to install the patch. 5. Restart your system to complete the installation. Alternatively, patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects which version of Windows you are running and offers the appropriate patch. |
| Related URL | CVE-2002-0369 (CVE) |
| Related URL | 4958 (SecurityFocus) |
| Related URL | 9276 (ISS) |