First published: Wed Aug 12 2009(Updated: )
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka "Remote Unauthenticated Denial of Service in ASP.NET Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft .NET Framework | =2.0-sp2 | |
Microsoft Windows Server 2008 | ||
Microsoft Windows Vista | ||
Microsoft .NET Framework | =2.0-sp1 | |
Microsoft Windows Vista | =sp1 | |
Microsoft .NET Framework | =3.5-sp1 | |
Microsoft .NET Framework | =3.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.