MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028) (uncredentialed check) (HTTP)
High Nessus Plugin ID 12055
SynopsisThe remote Windows host is affected by a memory corruption vulnerability.
DescriptionThe remote Windows host has an ASN.1 library with a vulnerability that could allow an attacker to execute arbitrary code on this host.
To exploit this flaw, an attacker would need to send a specially crafted ASN.1 encoded packet with improperly advertised lengths.
This particular check sent a malformed HTML authorization packet and determined that the remote host is not patched.
SolutionApply the patch referenced above.