Patch Released for Critical Vulnerability in .NET Framework
GSA Reference Number: AD111229-01
Simply Put: Microsoft has released a security bulletin for a privilege escalation vulnerability in its .NET Framework. This vulnerability affects Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. An attacker who exploited this vulnerability could execute commands as a more privileged user or perform an unauthenticated denial of service (DoS) attack on servers that serve ASP.NET pages. This vulnerability was publicly disclosed. Gladiator recommends that users apply the patch provided by Microsoft as soon as possible.
Attack Details: There is a vulnerability in how ASP.NET processes certain values that could cause hash collisions, allowing a small number of specially crafted web requests to degrade performance enough to create a denial of service condition. This vulnerability affects versions of Windows that are no longer supported by Microsoft, including Windows XP Service Pack 2. Patches will not be issued for unsupported operating systems. Note: Windows XP Service Pack 3 is supported.
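Why colliding values are so expensive, as an added illustration that is not part of the original advisory and not ASP.NET's implementation: the same set of parameter names is inserted into a toy chained hash table under two hash functions, and the key comparisons are counted. The table size, both hash functions and the sample keys are assumptions constructed for this example.

```python
import hashlib
from itertools import permutations

BUCKETS = 1024  # toy table size, chosen for the illustration

def weak_hash(key: str) -> int:
    # Constructed weak hash: a byte sum ignores order, so anagrams collide.
    return sum(key.encode()) % BUCKETS

def spread_hash(key: str) -> int:
    # Well-distributed comparison hash (SHA-256 prefix), for contrast only.
    digest = hashlib.sha256(key.encode()).digest()
    return int.from_bytes(digest[:4], "big") % BUCKETS

def insert_cost(keys, hash_fn) -> int:
    """Insert keys into a chained hash table; return total key comparisons."""
    table = [[] for _ in range(BUCKETS)]
    comparisons = 0
    for key in keys:
        chain = table[hash_fn(key)]
        for existing in chain:      # duplicate check walks the whole chain
            comparisons += 1
            if existing == key:
                break
        else:
            chain.append(key)       # not found: new entry at end of chain
    return comparisons

def colliding_keys():
    """Constructed sample: 720 distinct parameter names, all anagrams."""
    return ["".join(p) for p in permutations("abcdef")]

def compare_costs():
    """Return (key count, cost when all keys collide, cost when spread)."""
    keys = colliding_keys()
    return len(keys), insert_cost(keys, weak_hash), insert_cost(keys, spread_hash)

if __name__ == "__main__":
    n, worst, typical = compare_costs()
    print(f"{n} keys: {worst} comparisons when all collide, {typical} when spread")
```

When every key lands in one bucket the work grows as n(n-1)/2, which is how a small amount of request data can consume a disproportionate amount of server CPU.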
Countermeasures: Microsoft has released an out-of-band patch for this vulnerability. Gladiator recommends that users apply this patch as soon as possible.
Reference Links:
- Microsoft Security Bulletin MS11-100 – Critical (http://technet.microsoft.com/en-us/security/bulletin/ms11-100)
- Microsoft Security Advisory (2659883) (http://technet.microsoft.com/en-us/security/advisory/2659883)