Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check)

Medium Nessus Plugin ID 64589


A framework used by the remote web server has a denial of service vulnerability.


The web server running on the remote host appears to be using Microsoft ASP.NET, and may be affected by a denial of service vulnerability. Requesting a URL containing an MS-DOS device name can cause the web server to become temporarily unresponsive. An attacker could repeatedly request these URLs, resulting in a denial of service.

Additionally, there is speculation that this vulnerability could result in code execution if an attacker with physical access to the machine connects to a serial port.

This plugin does not attempt to exploit the vulnerability and only runs when 'Check for PCI-DSS compliance' is enabled in the scan policy. This plugin reports all web servers using ASP.NET 1.1. If it cannot determine the version, it will report all web servers using ASP.NET. Manual verification is required to determine if a vulnerability is present.


Use an ISAPI filter to block requests for URLs with MS-DOS device names.

See Also

Plugin Details

Severity: Medium

ID: 64589

File Name: asp_net_device_dos2.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Web Servers

Published: 2013/02/13

Modified: 2016/10/07

Dependencies: 67257

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/, cpe:/o:microsoft:windows

Required KB Items: Settings/PCI_DSS

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2007/05/22

Reference Information

CVE: CVE-2007-2897

BID: 51527

OSVDB: 41057

EDB-ID: 3965