NVD

Id
29156  
Name
CVE-2014-0253  
Description
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-02-11  
Modified Date
2014-02-12  
Seq
2014-0253  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
154768 29156 CVE-2014-0253 MS14-009  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12490 JVNDB-2014-001365 Microsoft .NET Framework におけるサービス運用妨害 (DoS) の脆弱性 Microsoft .NET Framework は、TCP の接続状況を適切に判定しないため、サービス運用妨害 (ASP.NET デーモンハング) 状態にされる脆弱性が存在します。 CVE-2014-0253 67654 CVE-2014-0253 29156 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001365.html 2014-02-11 2014-02-13 View