This script is Copyright (C) 2003-2017 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host.
The remote ASP.NET installation might be vulnerable to a buffer
overflow when an application enables StateServer mode.
An attacker could use it to cause a denial of service or run arbitrary
code with the same privileges as the process being exploited
(typically an unprivileged account).
See also :
Microsoft has released a set of patches for ASP.NET.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false