HTTP: Microsoft ASP.NET PKCS Padding Information Disclosure
This signature detects attempts to exploit a known vulnerability in the Microsoft .NET Framework ASP.NET. A successful attack can lead to unauthorized information disclosure.
Extended Description
Microsoft .NET Framework is prone to an information-disclosure vulnerability in ASP.NET that affects SharePoint. Successful exploits will allow attackers to decrypt and gain access to potentially sensitive data encrypted by the server or read data from arbitrary files within an ASP.NET application. Obtained information may aid in further attacks. This issue affects Microsoft .NET Framework versions 4.0 and prior.
Affected Products
Avaya messaging_application_server,Microsoft sharepoint_server_2010_standard_edition
Short Name
HTTP:INFO-LEAK:MS-PKCS-INFODISC
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ASP.NET CVE-2010-3332 Disclosure Information Microsoft PKCS Padding bid:43316
Release Date
10/24/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
Gentoo
Avaya
CVSS Score
5.0