Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Published: 2020-05-21
Updated: 2021-07-21
Summary
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Vulnerable Configurations
| Part | Description | Count |
| Application | Microsoft | 121 |
Nessus
| NASL family | Red Hat Local Security Checks |
| NASL id | REDHAT-RHSA-2020-2250.NASL |
| description | The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2250 advisory. - dotnet: Denial of service via untrusted input (CVE-2020-1108) - dotnet: Denial of service due to infinite loop (CVE-2020-1161) Note that Nessus has not tested for this issue but has instead relied only on the application |
| last seen | 2020-05-31 |
| modified | 2020-05-22 |
| plugin id | 136820 |
| published | 2020-05-22 |
| reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/136820 |
| title | RHEL 8 : dotnet3.1 (RHSA-2020:2250) |
| NASL family | Windows |
| NASL id | SMB_NT_MS20_MAY_ASPDOTNET_CORE.NASL |
| description | The Microsoft ASP.NET Core installation on the remote host is version 3.x < 3.1.4. It is, therefore, affected by a denial of service (DoS) vulnerability when ASP.NET Core improperly handles web requests. An unauthenticated, remote attacker can exploit this issue, via sending a specially crafted requests to the ASP.NET Core application to cause the application to stop responding. |
| last seen | 2020-05-18 |
| modified | 2020-05-13 |
| plugin id | 136527 |
| published | 2020-05-13 |
| reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/136527 |
| title | Security Update for Microsoft ASP.NET Core (DoS) (May 2020) |
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS20_MAY_VISUAL_STUDIO.NASL |
| description | The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core or .NET Framework web application. The vulnerability can be exploited remotely, without authentication. (CVE-2020-1108) - A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. (CVE-2020-1161) |
| last seen | 2020-06-10 |
| modified | 2020-05-12 |
| plugin id | 136515 |
| published | 2020-05-12 |
| reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/136515 |
| title | Security Updates for Microsoft Visual Studio Products (May 2020) |
| NASL family | Oracle Linux Local Security Checks |
| NASL id | ORACLELINUX_ELSA-2020-2250.NASL |
| description | From Red Hat Security Advisory 2020:2250 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2250 advisory. - dotnet: Denial of service via untrusted input (CVE-2020-1108) - dotnet: Denial of service due to infinite loop (CVE-2020-1161) Note that Nessus has not tested for this issue but has instead relied only on the application |
| last seen | 2020-06-12 |
| modified | 2020-06-11 |
| plugin id | 137345 |
| published | 2020-06-11 |
| reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/137345 |
| title | Oracle Linux 8 : dotnet3.1 (ELSA-2020-2250) |
Redhat
| advisories | | bugzilla | | id | 1827645 | | title | CVE-2020-1161 dotnet: Denial of service due to infinite loop |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 8 is installed | | oval | oval:com.redhat.rhba:tst:20193384074 |
| OR | | AND | | comment | dotnet3.1-debugsource is earlier than 0:3.1.104-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250001 |
| comment | dotnet3.1-debugsource is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250002 |
|
| AND | | comment | netstandard-targeting-pack-2.1 is earlier than 0:3.1.104-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250003 |
| comment | netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20200130004 |
|
| AND | | comment | dotnet-templates-3.1 is earlier than 0:3.1.104-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250005 |
| comment | dotnet-templates-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250006 |
|
| AND | | comment | dotnet-targeting-pack-3.1 is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250007 |
| comment | dotnet-targeting-pack-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250008 |
|
| AND | | comment | dotnet-sdk-3.1 is earlier than 0:3.1.104-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250009 |
| comment | dotnet-sdk-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250010 |
|
| AND | | comment | dotnet-runtime-3.1 is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250011 |
| comment | dotnet-runtime-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250012 |
|
| AND | | comment | dotnet-hostfxr-3.1 is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250013 |
| comment | dotnet-hostfxr-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250014 |
|
| AND | | comment | dotnet-host is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250015 |
| comment | dotnet-host is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20191259010 |
|
| AND | | comment | dotnet-apphost-pack-3.1 is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250017 |
| comment | dotnet-apphost-pack-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250018 |
|
| AND | | comment | dotnet is earlier than 0:3.1.104-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250019 |
| comment | dotnet is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20191259004 |
|
| AND | | comment | aspnetcore-targeting-pack-3.1 is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250021 |
| comment | aspnetcore-targeting-pack-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250022 |
|
| AND | | comment | aspnetcore-runtime-3.1 is earlier than 0:3.1.4-2.el8_2 | | oval | oval:com.redhat.rhsa:tst:20202250023 |
| comment | aspnetcore-runtime-3.1 is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20202250024 |
|
|
|
|
| | rhsa | | id | RHSA-2020:2250 | | released | 2020-05-21 | | severity | Important | | title | RHSA-2020:2250: dotnet3.1 security update (Important) |
|
|
| rpms | - rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.4-2.el7
- rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.4-2.el7
- rh-dotnet31-dotnet-0:3.1.104-2.el7
- rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.4-2.el7
- rh-dotnet31-dotnet-debuginfo-0:3.1.104-2.el7
- rh-dotnet31-dotnet-host-0:3.1.4-2.el7
- rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.4-2.el7
- rh-dotnet31-dotnet-runtime-3.1-0:3.1.4-2.el7
- rh-dotnet31-dotnet-sdk-3.1-0:3.1.104-2.el7
- rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.4-2.el7
- rh-dotnet31-dotnet-templates-3.1-0:3.1.104-2.el7
- rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.104-2.el7
- aspnetcore-runtime-3.1-0:3.1.4-2.el8_2
- aspnetcore-targeting-pack-3.1-0:3.1.4-2.el8_2
- dotnet-0:3.1.104-2.el8_2
- dotnet-apphost-pack-3.1-0:3.1.4-2.el8_2
- dotnet-apphost-pack-3.1-debuginfo-0:3.1.4-2.el8_2
- dotnet-host-0:3.1.4-2.el8_2
- dotnet-host-debuginfo-0:3.1.4-2.el8_2
- dotnet-hostfxr-3.1-0:3.1.4-2.el8_2
- dotnet-hostfxr-3.1-debuginfo-0:3.1.4-2.el8_2
- dotnet-runtime-3.1-0:3.1.4-2.el8_2
- dotnet-runtime-3.1-debuginfo-0:3.1.4-2.el8_2
- dotnet-sdk-3.1-0:3.1.104-2.el8_2
- dotnet-sdk-3.1-debuginfo-0:3.1.104-2.el8_2
- dotnet-targeting-pack-3.1-0:3.1.4-2.el8_2
- dotnet-templates-3.1-0:3.1.104-2.el8_2
- dotnet3.1-debuginfo-0:3.1.104-2.el8_2
- dotnet3.1-debugsource-0:3.1.104-2.el8_2
- netstandard-targeting-pack-2.1-0:3.1.104-2.el8_2
|