ID

VAR-201711-0194


CVE

CVE-2017-11770


TITLE

.NET Core Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2017-010105

DESCRIPTION

.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability". ASP.NET Core 1.0, 1.1 and 2.0 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: .NET Core security update Advisory ID: RHSA-2017:3248-01 Product: dotNET on RHEL Advisory URL: https://access.redhat.com/errata/RHSA-2017:3248 Issue date: 2017-11-20 CVE Names: CVE-2017-8585 CVE-2017-11770 ===================================================================== 1. Summary: A security update for .NET Core on RHEL is now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: dotNET on RHEL for Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 dotNET on RHEL for Red Hat Enterprise Linux Server (v. 7) - x86_64 dotNET on RHEL for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.8, 1.1.5 and 2.0.3. (CVE-2017-11770) 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1512982 - CVE-2017-8585 dotNet: DDoS via invalid culture 1512992 - CVE-2017-11770 dotNET: DDos via bad certificate 6. Package List: dotNET on RHEL for Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.8-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.8-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.8-1.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.5-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.5-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.5-1.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnet20-dotnet-2.0.3-4.el7.src.rpm x86_64: rh-dotnet20-dotnet-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-debuginfo-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-host-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-runtime-2.0-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-sdk-2.0-2.0.3-4.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.8-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.8-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.8-1.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.5-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.5-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.5-1.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnet20-dotnet-2.0.3-4.el7.src.rpm x86_64: rh-dotnet20-dotnet-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-debuginfo-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-host-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-runtime-2.0-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-sdk-2.0-2.0.3-4.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.8-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.8-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.8-1.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.5-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.5-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.5-1.el7.x86_64.rpm dotNET on RHEL for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnet20-dotnet-2.0.3-4.el7.src.rpm x86_64: rh-dotnet20-dotnet-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-debuginfo-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-host-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-runtime-2.0-2.0.3-4.el7.x86_64.rpm rh-dotnet20-dotnet-sdk-2.0-2.0.3-4.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-8585 https://access.redhat.com/security/cve/CVE-2017-11770 https://access.redhat.com/security/updates/classification/#low https://github.com/dotnet/announcements/issues/34 https://github.com/dotnet/announcements/issues/44 https://github.com/dotnet/core/blob/master/release-notes/2.0/2.0.3.md https://github.com/dotnet/core/blob/master/release-notes/1.1/1.1.5.md https://github.com/dotnet/core/blob/master/release-notes/1.0/1.0.8.md 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFaEsB8XlSAg2UNWIIRAmOjAJ9wjYtfCUbtPpsnb6lS24iFpnlohwCfW3q7 qK6A1l+OTjiiqdhM/cGc8ZU= =DZ68 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 1.98

sources: NVD: CVE-2017-11770 // JVNDB: JVNDB-2017-010105 // BID: 101710 // PACKETSTORM: 145048

AFFECTED PRODUCTS

vendor:microsoftmodel:aspnetcorescope:eqversion:1.0

Trust: 1.6

vendor:microsoftmodel:aspnetcorescope:eqversion:2.0

Trust: 1.6

vendor:microsoftmodel:aspnetcorescope:eqversion:1.1

Trust: 1.6

vendor:microsoftmodel:.net corescope:eqversion:1.0

Trust: 0.8

vendor:microsoftmodel:.net corescope:eqversion:1.1

Trust: 0.8

vendor:microsoftmodel:.net corescope:eqversion:2.0

Trust: 0.8

vendor:microsoftmodel:asp.net corescope:eqversion:2.0

Trust: 0.3

vendor:microsoftmodel:asp.net corescope:eqversion:1.1

Trust: 0.3

vendor:microsoftmodel:asp.net corescope:eqversion:1.0

Trust: 0.3

sources: BID: 101710 // JVNDB: JVNDB-2017-010105 // CNNVD: CNNVD-201711-585 // NVD: CVE-2017-11770

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-11770
value: HIGH

Trust: 1.0

NVD: CVE-2017-11770
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201711-585
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2017-11770
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2017-11770
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: JVNDB: JVNDB-2017-010105 // CNNVD: CNNVD-201711-585 // NVD: CVE-2017-11770

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.8

sources: JVNDB: JVNDB-2017-010105 // NVD: CVE-2017-11770

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-585

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201711-585

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-010105

PATCH

title:CVE-2017-11770 | .NET CORE Denial Of Service Vulnerabilityurl:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11770

Trust: 0.8

title:CVE-2017-11770 | .NET CORE Denial Of Service Vulnerabilityurl:https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/CVE-2017-11770

Trust: 0.8

title:Microsoft .NET Core Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76424

Trust: 0.6

sources: JVNDB: JVNDB-2017-010105 // CNNVD: CNNVD-201711-585

EXTERNAL IDS

db:NVDid:CVE-2017-11770

Trust: 2.8

db:BIDid:101710

Trust: 1.9

db:SECTRACKid:1039787

Trust: 1.6

db:JVNDBid:JVNDB-2017-010105

Trust: 0.8

db:CNNVDid:CNNVD-201711-585

Trust: 0.6

db:PACKETSTORMid:145048

Trust: 0.1

sources: BID: 101710 // JVNDB: JVNDB-2017-010105 // PACKETSTORM: 145048 // CNNVD: CNNVD-201711-585 // NVD: CVE-2017-11770

REFERENCES

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-11770

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2017:3248

Trust: 1.7

url:http://www.securityfocus.com/bid/101710

Trust: 1.6

url:http://www.securitytracker.com/id/1039787

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2017-11770

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11770

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20171115-ms.html

Trust: 0.8

url:http://www.jpcert.or.jp/at/2017/at170044.html

Trust: 0.8

url:http://www.microsoft.com

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://github.com/dotnet/announcements/issues/44

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://github.com/dotnet/core/blob/master/release-notes/2.0/2.0.3.md

Trust: 0.1

url:https://github.com/dotnet/announcements/issues/34

Trust: 0.1

url:https://github.com/dotnet/core/blob/master/release-notes/1.0/1.0.8.md

Trust: 0.1

url:https://github.com/dotnet/core/blob/master/release-notes/1.1/1.1.5.md

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-8585

Trust: 0.1

url:https://bugzilla.redhat.com/):

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-8585

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-11770

Trust: 0.1

url:https://access.redhat.com/security/team/contact/

Trust: 0.1

sources: BID: 101710 // JVNDB: JVNDB-2017-010105 // PACKETSTORM: 145048 // CNNVD: CNNVD-201711-585 // NVD: CVE-2017-11770

CREDITS

Bachraty Gergely

Trust: 0.3

sources: BID: 101710

SOURCES

db:BIDid:101710
db:JVNDBid:JVNDB-2017-010105
db:PACKETSTORMid:145048
db:CNNVDid:CNNVD-201711-585
db:NVDid:CVE-2017-11770

LAST UPDATE DATE

2024-08-14T14:27:01.801000+00:00


SOURCES UPDATE DATE

db:BIDid:101710date:2017-12-19T22:37:00
db:JVNDBid:JVNDB-2017-010105date:2017-12-05T00:00:00
db:CNNVDid:CNNVD-201711-585date:2019-04-19T00:00:00
db:NVDid:CVE-2017-11770date:2019-04-16T20:01:07.733

SOURCES RELEASE DATE

db:BIDid:101710date:2017-11-14T00:00:00
db:JVNDBid:JVNDB-2017-010105date:2017-12-05T00:00:00
db:PACKETSTORMid:145048date:2017-11-20T22:22:00
db:CNNVDid:CNNVD-201711-585date:2017-11-16T00:00:00
db:NVDid:CVE-2017-11770date:2017-11-15T03:29:00.247