Microsoft SSL library DoS and Remote Code Execution (MS04-011/835732) (SSL Safe Check on HTTP)





General Info


TC: 12107
Description: A denial of service vulnerability exists in the Microsoft Secure Sockets Layer (SSL) library. The vulnerability results from the way that the Microsoft SSL library handles malformed SSL messages. This vulnerability could cause the affected system to stop accepting SSL connections on Windows 2000 and Windows XP. On Windows Server 2003, the vulnerability could cause the affected system to automatically restart.

If the host is found vulnerable to this issue, then unless specific workarounds have been applied, it is also vulnerable to all other vulnerabilities described in Microsoft Security Bulletin MS04-011.
TC Impact: Gather Info
Service: https



Specific Operations and Actions:


Vulnerability Publication: April 13, 2004
Advisory Copyright: John Lampe of Tenable Network Security
Summary: It is possible to create a DoS using a bug in the Microsoft Secure Sockets Layer (SSL) library.
Risk: Medium
CVSS 2.0 metrics: Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Partial
CVSS 2.0 Base Score: 5.0
Vulnerability Impact: Denial of Service
Host Impact: Denial of Service.
Nature of Remediation: Patch Operating System.
Step required to fix the reported vulnerability:

***** Solution type: Upgrade Software *****

Microsoft has released a patch addressing this issue.
See references for more details on how to upgrade.



Glossary and References:


References: www.sans.org/top20/
* MS: MS04-011
http://www.microsoft.com/technet/security/bulletin/ms04-011.asp
* CERT: TA04-104A
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
* CERT-VN: VU#150236
http://www.kb.cert.org/vuls/id/150236
* BID: 10115
http://www.securityfocus.com/bid/10115
* OVAL: oval:org.mitre.oval:def:885
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:885
* OVAL: oval:org.mitre.oval:def:886
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:886
* OVAL: oval:org.mitre.oval:def:892
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:892
* XF: ssl-message-dos(15712)
http://xforce.iss.net/xforce/xfdb/15712

CVE Link: CVE-2004-0120

Glossary: Denial of Service
HTTP
HTTPS
SSL
Web Server


© 2003-2010 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All product names referenced herein are trademarks of their respective companies
