How to Buy
This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote .Net Framework is susceptible to a denial of service
The remote host is running a version of the .NET Framework component of
Microsoft Windows that is suspectible to a denial of service attack due
to the way ASP.NET manages request scheduling. Using specially crafted
anonymous HTTP requests, an anonymous, remote attacker can cause the web
server to become unresponsive until the associated application pool is
Note that the vulnerable code in the .NET Framework is exposed only
through IIS 7.0 when operating in integrated mode.
See also :
Microsoft has released a set of patches for .NET Framework 2.0 and
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 40555 ()
Bugtraq ID: 35985
CVE ID: CVE-2009-1536
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.