VERT Alert - December 29, 2011

- Dec 29, 2011 -

December 29, 2011 11:40 AM (PT)

The nCircle VERT Alert is brought to you by nCircle VERT, nCircle's research team. VERT Alerts are distributed for Microsoft Patch Tuesday and for significant security threats.

Today's VERT Alert addresses the new Out of Band Microsoft Security Bulletin. VERT is actively working on coverage for this bulletin in order to meet our 24-hour SLA and expects to ship ASPL-437 on Friday, December 30th.

Collisions in HashTable May Cause DoS Vulnerability CVE-2011-3414
Insecure Redirect in .NET Form Authentication Vulnerability CVE-2011-3415
ASP.Net Forms Authentication Bypass Vulnerability CVE-2011-3416
ASP.NET Forms Authentication Ticket Caching Vulnerability CVE-2011-3417


Today's out of band security bulletin includes 4 CVEs, the most notable of which is CVE-2011-3414, the "hashDoS" vulnerability released at 28c3 in Berlin. This denial of service could tie up the processing power of a web server with a minimal amount of sent data. The remaining three CVEs are associated with Forms Authentication and include an insecure redirect and two methods of privilege escalation. The first privilege escalation requires that the attacker be able to create an account on the target system and that they know the username of the target account. The second escalation, using ticket caching (a cookieless Forms Authentication method), requires that the target user click on a link provided by the attacker.


As always VERT recommends that you apply all the patches as soon as possible but also that you fully vet patches (when possible) before applying them to production systems.


Ease of Use (published exploits) to Risk Table:

Automated Exploit
Extremely Difficult
No Known Exploit
Local Availability
Remote Availability
Remote Access
Local Privileged
Remote Privileged


All data and commentary is based on information available when the VERT Alert is published. The VERT Alert may be updated on the nCircle website as new information surfaces: