Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:INFO-LEAK:MS-PKCS-INFODISC

Severity

 Minor

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Microsoft ASP.NET PKCS Padding Information Disclosure

Release Date

 2013/10/24

Update Number

 2313

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Microsoft ASP.NET PKCS Padding Information Disclosure


This signature detects attempts to exploit a known vulnerability in the Microsoft .NET Framework ASP.NET. A successful attack can lead to unauthorized information disclosure.

Extended Description

Microsoft .NET Framework is prone to an information-disclosure vulnerability in ASP.NET that affects SharePoint. Successful exploits will allow attackers to decrypt and gain access to potentially sensitive data encrypted by the server or read data from arbitrary files within an ASP.NET application. Obtained information may aid in further attacks. This issue affects Microsoft .NET Framework versions 4.0 and prior.

Affected Products

  • Avaya aura_conferencing 6.0
  • Avaya aura_conferencing 6.0 Standard
  • Avaya callpilot_unified_messaging
  • Avaya communication_server_1000_telephony_manager
  • Avaya meeting_exchange-client_registration_server
  • Avaya meeting_exchange-recording_server
  • Avaya meeting_exchange-streaming_server
  • Avaya meeting_exchange-web_conferencing_server
  • Avaya meeting_exchange-webportal
  • Avaya messaging_application_server 4
  • Avaya messaging_application_server 5
  • Avaya messaging_application_server MM 1.1
  • Avaya messaging_application_server MM 2.0
  • Avaya messaging_application_server MM 3.0
  • Avaya messaging_application_server MM 3.1
  • Avaya messaging_application_server
  • Gentoo linux
  • Microsoft .net_framework 1.0
  • Microsoft .net_framework 1.0 SP1
  • Microsoft .net_framework 1.0 SP2
  • Microsoft .net_framework 1.0 SP3
  • Microsoft .net_framework 1.1
  • Microsoft .net_framework 1.1 SP1
  • Microsoft .net_framework 1.1 SP2
  • Microsoft .net_framework 1.1 SP3
  • Microsoft .net_framework 2.0
  • Microsoft .net_framework 2.0 SP1
  • Microsoft .net_framework 2.0 SP2
  • Microsoft .net_framework 3.0
  • Microsoft .net_framework 3.5
  • Microsoft .net_framework 3.5 SP1
  • Microsoft .net_framework 4.0
  • Microsoft sharepoint_server_2007 12.0.0.6318
  • Microsoft sharepoint_server_2007 12.0.0.6421
  • Microsoft sharepoint_server_2007 SP1
  • Microsoft sharepoint_server_2007 SP2
  • Microsoft sharepoint_server_2007
  • Microsoft sharepoint_server_2007_enterprise_edition
  • Microsoft sharepoint_server_2007_standard_edition
  • Microsoft sharepoint_server_2007_x64 SP1
  • Microsoft sharepoint_server_2007_x64 SP2
  • Microsoft sharepoint_server_2007_x64
  • Microsoft sharepoint_server_2010_enterprise_edition
  • Microsoft sharepoint_server_2010_standard_edition
  • Microsoft sharepoint_services 3.0 SP1
  • Microsoft sharepoint_services 3.0 SP2
  • Microsoft sharepoint_services_64-bit 2.0

References

  • BugTraq: 43316
  • CVE: CVE-2010-3332

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out