The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

    • RT @JohnKaster: Anyone else wonder if SCOTUS did this to prevent tribes from offering reproductive rights clinics in fascist states? https:… 3 hours ago
    • @daanwesterink Dat zeker. 3 hours ago
    • RT @pmleenhouts: Herhaal het pleidooi van Dirk de Wachter: "trek af en toe de gordijnen dicht". Letterlijk en figuurlijk. Kom tot rust, nee… 3 hours ago
    • RT @Walrathis: Het kabinet wil verder geen financiële hulp bieden. Dat zei de @MinPres en heeft het kabinet blijkbaar besloten. Kan er dan… 3 hours ago
    • RT @HenkWillemSmits: Volgens de politie is het "rustig" bij de gijzeling van een bedrijf van een kamerlid. Echt te bizar dat de politie dit… 3 hours ago
  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,803 other followers

Posts Tagged ‘severity rating’

More vulnerabilities solved than just the ASP.NET hash collision DoS: Microsoft Security Bulletin MS11-100 – Critical : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

Posted by jpluimers on 2011/12/29

In addition to the ASP.NET hash collision Denial of Service attack, Microsoft patches 3 more vulnerabilities resulting in an Aggregate Severity Rating that is Critical.

This is a summary of the vulnerabilities. Please read the full MS11-100 bulletin for more details and how to download and install the patches.

Vulnerability Severity Rating Maximum Security Impact Affected Software CVE ID
Important Denial of Service Collisions in HashTable May Cause DoS Vulnerability CVE-2011-3414
N/A or Moderate N/A or Spoofing Insecure Redirect in .NET Form Authentication Vulnerability CVE-2011-3415
Critical Elevation of Privilege ASP.Net Forms Authentication Bypass Vulnerability CVE-2011-3416
Important Elevation of Privilege ASP.NET Forms Authentication Ticket Caching Vulnerability CVE-2011-3417

The CVE-2011-3415 is N/A in .NET 1.1, and Moderate in all other .NET versions.

–jeroen

via Microsoft Security Bulletin MS11-100 – Critical : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420).

Posted in .NET, ASP.NET, C#, Development, Software Development, VB.NET, Visual Studio and tools | Tagged: , , , , , | Leave a Comment »

 
%d bloggers like this: