Home / bulletins

Microsoft Security Advisory (2659883): Vulnerability in ASP.NET Could Allow Denial of Service - Version: 1.0

Posted on 28 December 2011

Revision Note: V1.0 (December 28, 2011): Advisory published.
Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit hash tables. Attacks targeting this type of vulnerability are generically known as hash collision attacks. Attacks such as these are not specific to Microsoft technologies and affect other web service software providers. This vulnerability affects all versions of Microsoft .NET Framework and could allow for an unauthenticated denial of service attack on servers that serve ASP.NET pages. Sites that only serve static content or disallow dynamic content types listed in the mitigation factors below are not vulnerable.

Link

 

TOP