Microsoft SharePoint Service Help.aspx 'tid' Parameter DoS

Medium Nessus Plugin ID 47579

Synopsis

An application running on the remote web server has a denial of service vulnerability.

Description

The version of Microsoft SharePoint Services running on the remote host has a denial of service vulnerability. Sending invalid data to the 'tid' parameter of 'help.aspx' can cause the application to hang.

A remote attacker could exploit this by sending malicious requests, causing SharePoint to hang temporarily, resulting in a denial of service. Repeatedly sending malicious requests can cause SharePoint's application pool to stop, which would require a manual restart of the application pool.

Solution

Microsoft has released a set of patches for SharePoint Services.

See Also

http://technet.microsoft.com/en-us/security/bulletin/MS10-039

Plugin Details

Severity: Medium

ID: 47579

File Name: sharepoint_help_dos.nasl

Version: $Revision: 1.17 $

Type: remote

Family: CGI abuses

Published: 2010/07/01

Modified: 2017/08/30

Dependencies: 10107, 38157

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: www/ASP, www/sharepoint, Settings/ParanoidReport

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2010/06/08

Vulnerability Publication Date: 2010/06/08

Reference Information

CVE: CVE-2010-1264

BID: 40559

IAVA: 2010-A-0079

MSFT: MS10-039

Secunia: 39603

MSKB: 2328360, 2344911, 2344993, 2345000, 2345009, 2345043, 2346411