CVE-2010-3332

EXPLOITED

Microsoft .NET Framework - Info Disclosure

Description

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability."

Exploits (4)

exploitdb WORKING POC VERIFIED
by Agustin Azubel · ruby · remote · windows
https://www.exploit-db.com/exploits/15292
exploitdb WORKING POC VERIFIED
by Agustin Azubel · ruby · remote · asp
https://www.exploit-db.com/exploits/15265
exploitdb WORKING POC VERIFIED
by Giorgio Fedon · perl · remote · asp
https://www.exploit-db.com/exploits/15213
nomisec WORKING POC
by bongbongco · poc
https://github.com/bongbongco/MS10-070

References (20)

Scores

EPSS 0.8360
EPSS Percentile 99.3%

Details

VulnCheck KEV 2011-10-26
CWE CWE-209
Status published
Products (5)
microsoft/.net_framework 1.1 sp1
microsoft/.net_framework 2.0 sp1 (2 CPE variants)
microsoft/.net_framework 3.5 (2 CPE variants)
microsoft/.net_framework 3.5.1
microsoft/.net_framework 4.0
Published Sep 22, 2010
Tracked Since Feb 18, 2026