Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:1361412562310832617HistoryNov 15, 2023 - 12:00 a.m.
Microsoft .NET Framework Multiple Vulnerabilities (KB5032007)
2023-11-1500:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
2
microsoft .net framework
security update
privilege elevation
security bypass
windows 11
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.4%
This host is missing an important security
update according to Microsoft KB5032007
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.832617");
script_version("2023-11-23T05:06:17+0000");
script_cve_id("CVE-2023-36049", "CVE-2023-36560", "CVE-2023-36558", "CVE-2023-36038");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2023-11-23 05:06:17 +0000 (Thu, 23 Nov 2023)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-11-21 19:25:00 +0000 (Tue, 21 Nov 2023)");
script_tag(name:"creation_date", value:"2023-11-15 11:09:01 +0530 (Wed, 15 Nov 2023)");
script_name("Microsoft .NET Framework Multiple Vulnerabilities (KB5032007)");
script_tag(name:"summary", value:"This host is missing an important security
update according to Microsoft KB5032007");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Multiple flaws exist due to,
- ASP.NET Security Feature Bypass Vulnerability.
- ASP.NET Core Denial of Service Vulnerability.
- .NET Framework, and Visual Studio Elevation of Privilege Vulnerability.");
script_tag(name:"impact", value:"Successful exploitation will allow attackers to
elevate privileges and bypass security restrictions on the target system.");
script_tag(name:"affected", value:"Microsoft .NET Framework 3.5 and 4.8.1 on Microsoft Windows 11, version 22H2 and Microsoft Windows 11, version 23H2.");
script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
script_xref(name:"URL", value:"https://support.microsoft.com/en-us/help/5032007");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Windows : Microsoft Bulletins");
script_dependencies("smb_reg_service_pack.nasl");
script_require_ports(139, 445);
script_mandatory_keys("SMB/WindowsVersion");
exit(0);
}
include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");
if(hotfix_check_sp(win11:1) <= 0) {
exit(0);
}
key = "SOFTWARE\Microsoft\Windows NT\CurrentVersion";
if(!registry_key_exists(key:key)) {
exit(0);
}
build = registry_get_sz(key:key, item:"CurrentBuild");
if(!build || (build != "22621" && build != "22631")) {
exit(0);
}
if(!registry_key_exists(key:"SOFTWARE\Microsoft\.NETFramework")){
if(!registry_key_exists(key:"SOFTWARE\Microsoft\ASP.NET")){
if(!registry_key_exists(key:"SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\")){
exit(0);
}
}
}
key_list = make_list("SOFTWARE\Microsoft\.NETFramework\", "SOFTWARE\Microsoft\ASP.NET\", "SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\");
foreach key(key_list)
{
if(".NETFramework" >< key)
{
foreach item (registry_enum_keys(key:key))
{
NetPath = registry_get_sz(key:key, item:"InstallRoot");
if(NetPath && "\Microsoft.NET\Framework" >< NetPath)
{
foreach item (registry_enum_keys(key:key))
{
dotPath = NetPath + item;
dllVer = fetch_file_version(sysPath:dotPath, file_name:"System.web.dll");
if(dllVer)
{
if(version_in_range(version:dllVer, test_version:"2.0.50727.5700", test_version2:"2.0.50727.9174"))
{
VULN = TRUE ;
vulnerable_range = "2.0.50727.5700 - 2.0.50727.9174";
break;
}
else if(version_in_range(version:dllVer, test_version:"4.8.9000", test_version2:"4.8.9205.0"))
{
VULN = TRUE ;
vulnerable_range = "4.8.9000 - 4.8.9205.0" ;
break;
}
}
}
if(vulnerable_range){
break;
}
}
}
}
if((!vulnerable_range) && "ASP.NET" >< key)
{
foreach item (registry_enum_keys(key:key))
{
dotPath = registry_get_sz(key:key, item:"Path");
if(dotPath && "\Microsoft.NET\Framework" >< dotPath)
{
dllVer = fetch_file_version(sysPath:dotPath, file_name:"System.Web.dll");
if(dllVer)
{
if(version_in_range(version:dllVer, test_version:"2.0.50727.5700", test_version2:"2.0.50727.9174"))
{
VULN = TRUE ;
vulnerable_range = "2.0.50727.5700 - 2.0.50727.9174";
break;
}
else if(version_in_range(version:dllVer, test_version:"4.8.9000", test_version2:"4.8.9205"))
{
VULN = TRUE ;
vulnerable_range = "4.8.9000 - 4.8.9205" ;
break;
}
}
}
}
}
## For versions greater than 4.5 (https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#net_b)
if((!vulnerable_range) && "NET Framework Setup" >< key)
{
dotPath = registry_get_sz(key:key, item:"InstallPath");
if(dotPath && "\Microsoft.NET\Framework" >< dotPath)
{
dllVer = fetch_file_version(sysPath:dotPath, file_name:"System.Web.dll");
if(dllVer)
{
if(version_in_range(version:dllVer, test_version:"2.0.50727.5700", test_version2:"2.0.50727.9174"))
{
VULN = TRUE ;
vulnerable_range = "2.0.50727.5700 - 2.0.50727.9174";
break;
}
else if(version_in_range(version:dllVer, test_version:"4.8.9000", test_version2:"4.8.9205"))
{
VULN = TRUE ;
vulnerable_range = "4.8.9000 - 4.8.9205" ;
break;
}
}
}
}
if(VULN)
{
report = report_fixed_ver(file_checked:dotPath + "\System.Web.dll",
file_version:dllVer, vulnerable_range:vulnerable_range);
security_message(port:0, data:report);
exit(0);
}
}
exit(99);
References
Related
openvas
openvas
Microsoft .NET Framework Multiple Vulnerabilities (KB5031989)
2023-11-15 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (KB5032339)
2023-11-15 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (KB5032338)
2023-11-15 00:00:00
kaspersky
kaspersky
KLA61979 Multiple vulnerabilities in Microsoft Developer Tools
2023-11-14 00:00:00
nessus
nessus
Security Updates for Microsoft Visual Studio Products (November 2023)
2023-11-15 00:00:00
Amazon Linux 2023 : aspnetcore-runtime-6.0, aspnetcore-targeting-pack-6.0, dotnet (ALAS2023-2023-457)
2023-12-15 00:00:00
AlmaLinux 9 : dotnet8.0 (ALSA-2023:7253)
2023-11-16 00:00:00
mskb
mskb
oraclelinux
oraclelinux
dotnet7.0 security update
2023-11-22 00:00:00
dotnet6.0 security update
2023-11-23 00:00:00
dotnet7.0 security update
2023-11-27 00:00:00
redhat
redhat
(RHSA-2023:7258) Moderate: dotnet6.0 security update
2023-11-15 17:26:10
(RHSA-2023:7257) Moderate: dotnet6.0 security update
2023-11-15 17:24:45
(RHSA-2023:7253) Moderate: dotnet8.0 security update
2023-11-15 17:19:53
osv
osv
dotnet6, dotnet7, dotnet8 vulnerabilities
2023-11-15 14:51:43
Moderate: dotnet6.0 security update
2023-11-28 22:43:36
Moderate: dotnet7.0 security update
2023-11-15 00:00:00
almalinux
almalinux
Moderate: dotnet8.0 security update
2023-11-15 00:00:00
Moderate: dotnet6.0 security update
2023-11-15 00:00:00
Moderate: dotnet8.0 security update
2023-11-15 00:00:00
rocky
rocky
dotnet6.0 security update
2023-11-28 22:43:36
dotnet7.0 security update
2023-11-28 22:43:36
ubuntu
ubuntu
.NET vulnerabilities
2023-11-15 00:00:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2023-11-23 08:09:30
Code Injection
2023-11-30 18:37:02
Security Bypass
2023-11-15 09:57:15
ubuntucve
ubuntucve
cvelist
cvelist
ASP.NET Security Feature Bypass Vulnerability
2023-11-14 17:57:05
ASP.NET Core Denial of Service Vulnerability
2023-11-14 21:35:48
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
2023-11-14 20:18:04
prion
prion
Denial of service
2023-11-14 22:15:00
Security feature bypass
2023-11-14 18:15:00
Privilege escalation
2023-11-14 21:15:00
mscve
mscve
ASP.NET Core Denial of Service Vulnerability
2023-11-14 08:00:00
ASP.NET Security Feature Bypass Vulnerability
2023-11-14 08:00:00
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
2023-11-14 08:00:00
zdi
zdi
alpinelinux
alpinelinux
CVE-2023-36049
2023-11-14 21:15:10
CVE-2023-36558
2023-11-14 22:15:29
github
github
redhatcve
redhatcve
CVE-2023-36049
2023-11-15 14:11:35
CVE-2023-36558
2023-11-15 14:13:05
redos
redos
ROS-20240329-04
2024-03-29 00:00:00
ibm
ibm
malwarebytes
malwarebytes
Update now! Microsoft patches 3 actively exploited zero-days
2023-11-15 22:04:31
krebs
krebs
Microsoft Patch Tuesday, November 2023 Edition
2023-11-14 23:00:59
thn
thn
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
2023-11-15 05:46:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
2023-11-14 20:29:03
rapid7blog
rapid7blog
Patch Tuesday - November 2023
2023-11-14 21:27:09
ics
ics
Siemens Telecontrol Server Basic
2024-04-11 12:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.4%
Related for OPENVAS:1361412562310832617