PC Tools - Essential tools for your PC

Unchecked Buffer in ASP.NET Worker Process

A security vulnerability exists in the .NET session state management function which could be exploited by mounting a buffer overrun attack. A successful attack could cause the ASP.NET application to restart, causing a denial of service. In addition, the attacker could potentially run code of their choice on the server.

Issue

ASP.NET is a collection of technologies that help developers to build web-based applications. Web-based applications, including those built using ASP.NET, rely on HTTP to provide connectivity. One characteristic of HTTP as a protocol is that it is stateless, meaning that each page request from a user to a site is treated as an independent request. To compensate for this, ASP.NET provides for session state management through a variety of modes.

One of these modes is StateServer mode. This mode stores session state information in a separate, running process. That process can run on the same machine or a different machine from the ASP.NET application. There is an unchecked buffer in one of the routines that handles the processing of cookies in StateServer mode. A security vulnerability results because an attacker could seek to exploit this unchecked buffer by mounting a buffer overrun attack. A successful attack could cause the ASP.NET application to restart. As a result, all current users of the web-based application would see their current session restart and their current session information would be lost.

The StateServer mode is not the default mode for session state management in ASP.NET. ASP.NET applications using StateServer mode that do not use cookies are not vulnerable.
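
The two conditions above (StateServer mode, cookies in use) can be checked against an application's web.config. The script below is an added example, not part of the original advisory or any Microsoft tooling; it assumes the `mode` and `cookieless` attributes of the ASP.NET `<sessionState>` configuration element, which the page does not name, and its sample configuration files are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample web.config contents (not taken from the advisory).
SAMPLES = {
    "stateserver_cookies": '<configuration><system.web><sessionState mode="StateServer" '
        'stateConnectionString="tcpip=127.0.0.1:42424" cookieless="false"/></system.web></configuration>',
    "stateserver_cookieless": '<configuration><system.web><sessionState mode="StateServer" '
        'cookieless="true"/></system.web></configuration>',
    "inproc": '<configuration><system.web><sessionState mode="InProc"/></system.web></configuration>',
    "location_override": '<configuration><system.web><sessionState mode="InProc"/></system.web>'
        '<location path="shop"><system.web><sessionState mode="StateServer"/></system.web></location>'
        '</configuration>',
    "no_element": '<configuration><system.web/></configuration>',
}


def _local(tag):
    """Drop an XML namespace prefix, if the file declares one."""
    return tag.rsplit("}", 1)[-1]


def _verdict(node):
    mode = node.get("mode")
    # Cookies are in use unless cookieless="true" (assumed default: false).
    if node.get("cookieless", "false").strip().lower() == "true":
        return "not-exposed"
    if mode is None:
        return "inherited"  # mode comes from a parent config file
    return "exposed" if mode.strip().lower() == "stateserver" else "not-exposed"


def classify(config_xml):
    """Return 'exposed', 'not-exposed' or 'inherited' for one config file."""
    root = ET.fromstring(config_xml)
    # <sessionState> may sit under <system.web> directly or inside <location>.
    verdicts = [_verdict(n) for n in root.iter() if _local(n.tag) == "sessionState"]
    if "exposed" in verdicts:
        return "exposed"
    if not verdicts or "inherited" in verdicts:
        return "inherited"  # check machine.config / parent web.config
    return "not-exposed"


if __name__ == "__main__":
    for name, xml_text in SAMPLES.items():
        print(f"{name:24} {classify(xml_text)}")
```

A result of `inherited` means the file does not set the mode itself, so the parent web.config or machine.config decides. The script reports configuration only and does not check whether the patch is installed.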

Affected Products

  • Microsoft .NET Framework version 1.0

Download

Patch: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=39298

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: June 6, 2002
