Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS19_APR_ASPDOTNET_CORE_CVE-2019-0815.NASL
HistoryApr 10, 2019 - 12:00 a.m.

ASP.NET Core Denial of Service Vulnerability (April 2019)

2019-04-1000:00:00
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

A denial of service (DoS) vulnerability exists in ASP.NET Core Hosting Bundle module AspNetCoreModuleV2 (ANCM) due to improper handling of web requests. An unauthenticated, remote attacker can exploit this issue, via specially crafted requests, to cause the hosted application to stop responding.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(123974);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/25");

  script_cve_id("CVE-2019-0815");
  script_bugtraq_id(107701);

  script_name(english:"ASP.NET Core Denial of Service Vulnerability (April 2019)");
  script_summary(english:"Checks the version of AspNetCoreModuleV2 (ANCM).");

  script_set_attribute(attribute:"synopsis", value:
"The Microsoft ASP.NET Core Hosting Bundle installation on the remote host contains vulnerable package.");
  script_set_attribute(attribute:"description", value:
"A denial of service (DoS) vulnerability exists in
ASP.NET Core Hosting Bundle module AspNetCoreModuleV2 (ANCM)
due to improper handling of web requests. An unauthenticated, remote
attacker can exploit this issue, via specially crafted requests, to cause the
hosted application to stop responding.");
  # https://github.com/aspnet/Announcements/issues/352
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3a2a19ac");
  # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0815
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7a70bcde");
  script_set_attribute(attribute:"solution", value:
"Update ASP.NET Core AspNetCoreModuleV2 (ANCM) as per vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-0815");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:asp.net_core");
  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_hotfixes.nasl");
  script_require_keys("Settings/ParanoidReport", "SMB/Registry/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}

include('audit.inc');
include('smb_func.inc');
include('smb_hotfixes_fcheck.inc');
include('smb_hotfixes.inc');
include('misc_func.inc');
include('vcf.inc');

if (report_paranoia < 2) audit(AUDIT_PARANOID);
get_kb_item_or_exit('SMB/Registry/Enumerated');
port = kb_smb_transport();

app_name = 'Microsoft ASP.NET Core Hosting Bundle';
version = NULL;
aspnetcorev2_dll = NULL;

path  = hotfix_get_programfilesdir();
if (!path) exit(1, 'Can\'t determine the location of the \'Program Files\' folder.');

aspnetcorev2_dll  = hotfix_append_path(path:path, value:'\\IIS\\Asp.Net Core Module\\V2\\aspnetcorev2.dll');
ver = hotfix_get_fversion(path:aspnetcorev2_dll);
if (ver['error'] != HCF_OK) audit(AUDIT_NOT_INST, app_name + ' AspNetCoreModuleV2');

version = join(ver['value'], sep:'.');
constraints = [
  { 'max_version': '12.2.19024.2', 'fixed_version' : '12.2.19048.0', 'fixed_display' : '2.2.4 (12.2.19048.0)' }
];

check_ver = vcf::check_version(version:vcf::parse_version(version), constraints:constraints);
if(vcf::is_error(check_ver) || isnull(check_ver)) audit(AUDIT_INST_VER_NOT_VULN, app_name, version);

report = '\nAspNetCoreModuleV2 (ANCM): ' + aspnetcorev2_dll;
report += '\nDetected Version: ' + version;
report += '\nFixed Version: ' + check_ver['fixed_display'];

security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);
VendorProductVersionCPE
microsoftasp.net_corecpe:/a:microsoft:asp.net_core

Related

veracode 1
osv 1
symantec 1
prion 1
cvelist 1
cve 1
mscve 1
kaspersky 1
talosblog 1
veracode
veracode
Denial Of Service (DoS)
2019-07-08 11:31:10
osv
osv
CVE-2019-0815
2019-04-09 21:29:01
symantec
symantec
Microsoft ASP.NET Core CVE-2019-0815 Denial of Service Vulnerability
2019-04-09 00:00:00
prion
prion
Denial of service
2019-04-09 21:29:00
cvelist
cvelist
CVE-2019-0815
2019-04-09 20:16:25
cve
cve
CVE-2019-0815
2019-04-09 21:29:00
mscve
mscve
ASP.NET Core Denial of Service Vulnerability
2019-04-09 07:00:00
kaspersky
kaspersky
KLA11459 Multiple vulnerabilities in Microsoft Developer Tools
2019-04-09 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage
2019-04-09 11:10:02
JSON
Related for SMB_NT_MS19_APR_ASPDOTNET_CORE_CVE-2019-0815.NASL
veracode1osv1symantec1prion1cvelist1cve1mscve1kaspersky1talosblog1