Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:IIS:MS-SHAREPOINT-DOS |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft SharePoint Server Denial of Service |
Release Date |
2013/09/10 |
Update Number |
2298 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft SharePoint Server Denial of Service
This signature detects attempts to exploit a known vulnerability against Microsoft SharePoint Server. A successful attack can result in a denial-of-service condition.
Extended Description
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability."
Affected Products
- Microsoft sharepoint_foundation 2010
- Microsoft sharepoint_foundation 2013
- Microsoft sharepoint_portal_server 2003
- Microsoft sharepoint_server 2007
- Microsoft sharepoint_server 2010
- Microsoft sharepoint_server 2013
- Microsoft sharepoint_services 2.0
- Microsoft sharepoint_services 3.0
References
- CVE: CVE-2013-0081