Title: Unchecked Buffer in ASP.NET Worker Process (Q322289)
Date: 06 June 2002
Software: .NET Framework
Impact: Denial of service, potentially run code of attacker's choice
Max Risk: Moderate
Bulletin: MS02-026
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-026.asp
ASP.NET is a collection of technologies that help developers to build web-based applications. Web-based applications, including those built using ASP.NET, rely on HTTP to provide connectivity. One characteristic of HTTP as a protocol is that it is stateless, meaning that each page request from a user to a site is reckoned an independent request. To compensate for this, ASP.NET provides for session state management through a variety of modes.
One of these modes is StateServer mode. This mode stores session state information in a separate, running process. That process can run on the same machine or a different machine from the ASP.NET application. There is an unchecked buffer in one of the routines that handles the processing of cookies in StateServer mode. A security vulnerability results because it is possible for an attacker to seek to exploit it by mounting a buffer overrun attack. A successful attack could cause the ASP.NET application to restart. As a result, all current users of the web-based application would see their current session restart and their current session information would be lost.
View: Microsoft Security Bulletin MS02-026
Date: 06 June 2002
Software: .NET Framework
Impact: Denial of service, potentially run code of attacker's choice
Max Risk: Moderate
Bulletin: MS02-026
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-026.asp
ASP.NET is a collection of technologies that help developers to build web-based applications. Web-based applications, including those built using ASP.NET, rely on HTTP to provide connectivity. One characteristic of HTTP as a protocol is that it is stateless, meaning that each page request from a user to a site is reckoned an independent request. To compensate for this, ASP.NET provides for session state management through a variety of modes.
One of these modes is StateServer mode. This mode stores session state information in a separate, running process. That process can run on the same machine or a different machine from the ASP.NET application. There is an unchecked buffer in one of the routines that handles the processing of cookies in StateServer mode. A security vulnerability results because it is possible for an attacker to seek to exploit it by mounting a buffer overrun attack. A successful attack could cause the ASP.NET application to restart. As a result, all current users of the web-based application would see their current session restart and their current session information would be lost.
View: Microsoft Security Bulletin MS02-026
FULL DETAILS
-----BEGIN PGP SIGNED MESSAGE-----
-----------------------------------------------------------------------
Title: Unchecked Buffer in ASP.NET Worker Process (Q322289)
Date: 06 June 2002
Software: .NET Framework
Impact: Denial of service, potentially run code of attacker's
choice
Max Risk: Moderate
Bulletin: MS02-026
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-026.asp.
- ----------------------------------------------------------------------
Issue:
======
ASP.NET is a collection of technologies that help developers to
build web-based applications. Web-based applications, including
those built using ASP.NET, rely on HTTP to provide connectivity.
One characteristic of HTTP as a protocol is that it is stateless,
meaning that each page request from a user to a site is reckoned
an independent request. To compensate for this, ASP.NET provides
for session state management through a variety of modes.
One of these modes is StateServer mode. This mode stores session
state information in a separate, running process. That process
can run on the same machine or a different machine from the
ASP.NET application. There is an unchecked buffer in one of the
routines that handles the processing of cookies in StateServer
mode. A security vulnerability results because it is possible
for an attacker to seek to exploit it by mounting a buffer
overrun attack. A successful attack could cause the ASP.NET
application to restart. As a result, all current users of
the web-based application would see their current session
restart and their current session information would be lost.
The StateServer mode is not the default mode for session
state management in ASP.NET. ASP.NET applications using
StateServer mode that do not use cookies are not vulnerable.
Mitigating Factors:
====================
- StateServer mode is not the default mode for session state
management in ASP.NET. That ASP.NET application would have
to be specifically configured to use this mode.
- Even if an application was configured to use StateServer
mode, it would only be at risk if it also used cookies.
Risk Rating:
============
- Internet systems: Moderate
- Intranet systems: Moderate
- Client systems: None
Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-026.asp
for information on obtaining this patch.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.