CVE-2009-1536 Information

Feb 14, 2021 cve

Description

ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1 when ASP 2.0 is used in integrated mode on IIS 7.0 does not properly manage request scheduling which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests aka \Remote Unauthenticated Denial of Service in ASP.NET Vulnerability.\

Reference

http://blogs.technet.com/srd/archive/2009/08/11/ms09-035-asp-net-denial-of-service-vulnerability.aspx http://osvdb.org/56905 http://secunia.com/advisories/36127 http://www.securityfocus.com/bid/35985 http://www.securitytracker.com/id?1022715 http://www.us-cert.gov/cas/techalerts/TA09-223A.html http://www.vupen.com/english/advisories/2009/2231 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-036 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6393

Share on: