HTTP: Microsoft ASP.NET Post Request Parameters Handling Denial of Service
This signature detects attempts to exploit a known issue in Microsoft ASP.NET. Attacker could exploit this issue by sending crafted HTTP requests with high number of parameters without any values.
Extended Description
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka "Collisions in HashTable May Cause DoS Vulnerability."
Affected Products
Microsoft windows_7
References
CVE: CVE-2011-3414
Short Name
HTTP:MICROSOFT-ASPNET-POST-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ASP.NET CVE-2011-3414 Denial Handling Microsoft Parameters Post Request Service of
Release Date
11/18/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3659
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.8