Microsoft SharePoint Service Help.aspx 'tid' Parameter DoS
Medium Nessus Plugin ID 47579
SynopsisAn application running on the remote web server has a denial of
DescriptionThe version of Microsoft SharePoint Services running on the remote
host has a denial of service vulnerability. Sending invalid data to
the 'tid' parameter of 'help.aspx' can cause the application to hang.
A remote attacker could exploit this by sending malicious requests,
causing SharePoint to hang temporarily, resulting in a denial of
service. Repeatedly sending malicious requests can cause SharePoint's
application pool to stop, which would require a manual restart of the
SolutionMicrosoft has released a set of patches for SharePoint Services.