Detections
Analytics
Security Updates for Microsoft .NET Framework (August 2018)
high Nessus Plugin ID 111693
Language:
Synopsis
The Microsoft .NET Framework installation on the remote host is missing a security update.Description
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability :- An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.
(CVE-2018-8360)
Solution
Microsoft has released security updates for Microsoft .NET Framework.See Also
http://www.nessus.org/u?93e63484
http://www.nessus.org/u?2be0b30b
http://www.nessus.org/u?3356f605
http://www.nessus.org/u?09b4cda4
http://www.nessus.org/u?5d44cd3a
http://www.nessus.org/u?28c48173
http://www.nessus.org/u?cd89d90f
http://www.nessus.org/u?2837f4a2
http://www.nessus.org/u?bf699f3a
http://www.nessus.org/u?124e7bc7
http://www.nessus.org/u?cb3801fe
http://www.nessus.org/u?9ab9852e
http://www.nessus.org/u?f052611d
http://www.nessus.org/u?770b7995
http://www.nessus.org/u?e04d903e
http://www.nessus.org/u?e98b4c8a
http://www.nessus.org/u?7d39617b
http://www.nessus.org/u?088c4696
http://www.nessus.org/u?9775d00a
http://www.nessus.org/u?d0e06c76
http://www.nessus.org/u?44da5a9a
http://www.nessus.org/u?c14a7305
http://www.nessus.org/u?17554e6e
Plugin Details
Severity: High
ID: 111693
File Name: smb_nt_ms18_aug_dotnet.nasl
Version: 1.6
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 8/14/2018
Updated: 11/4/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2018-8360
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:microsoft:.net_framework
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: No known exploits are available
Patch Publication Date: 8/14/2018
Vulnerability Publication Date: 8/14/2018
Reference Information
CVE: CVE-2018-8360
BID: 104986
MSFT: MS18-4343885, MS18-4343887, MS18-4343892, MS18-4343897, MS18-4343909, MS18-4344144, MS18-4344145, MS18-4344146, MS18-4344147, MS18-4344148, MS18-4344149, MS18-4344150, MS18-4344151, MS18-4344152, MS18-4344153, MS18-4344165, MS18-4344166, MS18-4344167, MS18-4344171, MS18-4344172, MS18-4344173, MS18-4344175, MS18-4344176, MS18-4344177, MS18-4344178
MSKB: 4343885, 4343887, 4343892, 4343897, 4343909, 4344144, 4344145, 4344146, 4344147, 4344148, 4344149, 4344150, 4344151, 4344152, 4344153, 4344165, 4344166, 4344167, 4344171, 4344172, 4344173, 4344175, 4344176, 4344177, 4344178