The installed Microsoft Visual Studio products are missing security updates and are, therefore, affected by a denial-of-service vulnerability (CVE-2020-1597):
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#
include('compat.inc');
# Registration section: when the scanner sets `description`, the plugin only
# records its metadata through the script_* calls below and then exits, so none
# of the version-check logic that follows this block runs in that mode.
if (description)
{
# Plugin identity and revision bookkeeping.
script_id(139506);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");
# Cross-references: the single CVE covered by this check, plus IAVA and CEA ids.
script_cve_id("CVE-2020-1597");
script_xref(name:"IAVA", value:"2020-A-0377-S");
script_xref(name:"CEA-ID", value:"CEA-2020-0101");
script_name(english:"Security Updates for Microsoft Visual Studio Products (August 2020)");
script_set_attribute(attribute:"synopsis", value:
"The Microsoft Visual Studio Products are affected by a denial-of-service vulnerability.");
# NOTE(review): the advisory text below describes a flaw in ASP.NET Core request
# handling, while this plugin registers against the Visual Studio CPE and depends
# only on Visual Studio detection. Hosts that serve ASP.NET Core applications
# presumably need their runtime patch level assessed separately - confirm that
# another check covers it.
script_set_attribute(attribute:"description", value:
"The Microsoft Visual Studio Products are missing security
updates. It is, therefore, affected by a denial-of-service
vulnerability:
- A denial of service vulnerability exists when ASP.NET
Core improperly handles web requests. An attacker who
successfully exploited this vulnerability could cause a
denial of service against an ASP.NET Core web
application. The vulnerability can be exploited
remotely, without authentication. A remote
unauthenticated attacker could exploit this
vulnerability by issuing specially crafted requests to
the ASP.NET Core application. The update addresses the
vulnerability by correcting how the ASP.NET Core web
application handles web requests. (CVE-2020-1597)");
# The four releases named here are the Visual Studio servicing versions that
# Microsoft shipped with the fix.
script_set_attribute(attribute:"solution", value:
"Microsoft has released 15.9.26, 16.0.17, 16.4.12, and 16.7.1 to address this issue.");
# Scoring: both base vectors are network-reachable, low complexity, no
# authentication/privileges, availability impact only (A:P in CVSS v2, A:H in v3).
# Both temporal vectors use E:U (exploit unproven) with an official fix available,
# which agrees with the "exploitability_ease" attribute set below.
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1597");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
# Disclosure, patch and plugin release all carry the same date (2020/08/11).
script_set_attribute(attribute:"vuln_publication_date", value:"2020/08/11");
script_set_attribute(attribute:"patch_publication_date", value:"2020/08/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/11");
# Classification: declared as a "local" plugin against the Visual Studio CPE.
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:visual_studio");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
# Scheduling prerequisites: two dependency scripts, two required KB keys, and a
# port requirement listing SMB ports 139/445 alongside the
# "Host/patch_management_checks" KB entry.
# NOTE(review): presumably the dependencies are what populate the required keys -
# confirm against those scripts.
script_dependencies("ms_bulletin_checks_possible.nasl", "microsoft_visual_studio_installed.nbin");
script_require_keys("SMB/MS_Bulletin_Checks/Possible", "installed_sw/Microsoft Visual Studio");
script_require_ports(139, 445, "Host/patch_management_checks");
# Metadata is registered; stop here.
exit(0);
}
include('misc_func.inc');
include('install_func.inc');
include('smb_func.inc');
include('smb_hotfixes.inc');
# Version check: walk every recorded Visual Studio install, map it to the fixed
# build of its servicing branch, and report the installs that are older.

# Stop unless an install of Visual Studio has been recorded in the KB.
get_kb_item_or_exit('installed_sw/Microsoft Visual Studio');

# The port is only used to attach the finding to the report.
# NOTE(review): no fallback is applied when "SMB/transport" is unset - confirm
# how security_report_v4 treats a NULL port on hosts assessed without SMB.
port = get_kb_item("SMB/transport");
appname = 'Microsoft Visual Studio';
installs = get_installs(app_name:appname, exit_if_not_found:TRUE);

report = '';

foreach install (installs[1])
{
  version = install['version'];
  path = install['path'];
  prod = install['product_version'];

  # Select the fixed build for the install's servicing branch.
  # https://docs.microsoft.com/en-us/visualstudio/releases/2019/history
  #
  # Coverage limits worth knowing when reading a clean result:
  #   - VS 2017 installs reporting 15.0.x do not match '^15\.[1-9]\.'
  #   - VS 2019 installs above 16.7.x match no branch
  #   - any other product_version is skipped
  # In all three cases `fix` stays empty and the install is never reported.
  fix = '';
  if (prod == '2017' && version =~ '^15\\.[1-9]\\.')
    fix = '15.9.28307.1234';   # VS 2017 (15.9)
  else if (prod == '2019' && version =~ '^16\\.0\\.')
    fix = '16.0.28803.806';    # VS 2019 Version 16.0
  else if (prod == '2019' && version =~ '^16\\.[1-4]\\.')
    fix = '16.4.30406.169';    # VS 2019 Version 16.4
  else if (prod == '2019' && version =~ '^16\\.[5-7]\\.')
    fix = '16.7.30406.217';    # VS 2019 Version 16.7

  # Only installs that matched a branch are compared; older-than-fix builds are
  # appended to the report with their path and both version strings.
  if (strlen(fix) > 0)
  {
    if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)
    {
      report +=
        '\n Path : ' + path +
        '\n Installed version : ' + version +
        '\n Fixed version : ' + fix +
        '\n';
    }
  }
}

# Nothing flagged: emit the "installed version not vulnerable" audit message.
# NOTE(review): audit() is presumably terminal, so the report call below is only
# reached when at least one install was flagged - confirm in the audit library.
if (empty(report))
  audit(AUDIT_INST_VER_NOT_VULN, appname);

security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | visual_studio | | cpe:/a:microsoft:visual_studio |