CVE-2014-0253

High PUBLISHED

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote...

Microsoft · .NET Framework

Not yet in CISA KEV

Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
5.0 Medium

At a Glance

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability."

dotnet
CVE Published
Feb 12, 2014
Exploitation Reported
Feb 12, 2014
CVSS
5.0 Medium
EPSS
Remote Low complexity Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • MS14-009 docs.microsoft.com · Vendor Advisory https://docs.microsoft.com/en-us/security-updates/securitybulletins/2...
  • 56793 secunia.com · Third-Party Advisory http://secunia.com/advisories/56793
  • 1029745 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1029745
  • 103162 osvdb.org · VDB Entry http://osvdb.org/103162
  • 65415 securityfocus.com · VDB Entry http://www.securityfocus.com/bid/65415

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.