HTTP: Microsoft SharePoint Server Denial of Service

This signature detects attempts to exploit a known vulnerability against Microsoft SharePoint Server. A successful attack can result in a denial-of-service condition.

Extended Description

Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability."

Affected Products

Microsoft sharepoint_server

References

CVE: CVE-2013-0081

Short Name
HTTP:IIS:MS-SHAREPOINT-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2013-0081 Denial Microsoft Server Service SharePoint of
Release Date
09/10/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Microsoft

CVSS Score

5.0

Found a potential security threat?