![Trend Micro Security](https://www.trendmicro.com/content/dam/trendmicro/global/en/global/logo/logo-desktop.png)
Microsoft .NET Framework POST Request DoS Vulnerability (CVE-2014-0253)
2015年7月21日
危険度: : 中
CVE識別番号: 2014-0253,MS14-009
概要
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability."
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005471
Trend Micro Deep Security DPI Rule Name: 1005471 - Identified Suspicious Low HTTP Server Bandwidth
影響を受けるソフトウェア
- microsoft .net_framework 1.1
- microsoft .net_framework 2.0
- microsoft .net_framework 3.5
- microsoft .net_framework 3.5.1
- microsoft .net_framework 4.0
- microsoft .net_framework 4.5
- microsoft .net_framework 4.5.1