The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Microsoft .NET: access to a network socket

Synthesis of the vulnerability 

An attacker can invite the victim to visit a malicious XBAP site, or to accept a malicious ASP.NET application, in order to access a network socket of the computer.
Impacted systems: .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 7, Windows Vista, Windows XP.
Severity of this alert: 2/4.
Creation date: 10/08/2011.
References of this alert: 2567951, BID-48991, CERTA-2011-AVI-445, CVE-2011-1978, MS11-069, VIGILANCE-VUL-10907.

Description of the vulnerability 

The Microsoft .NET Framework is used to run:
 - Microsoft .NET Applications, and honors their CAS (Code Access Security) restrictions
 - Microsoft ASP.NET Applications, with limited features on the web site
 - XAML Browser Applications (XBAP), which are supported by Internet Explorer

The Microsoft .NET System.Net.Sockets namespace provides classes and enumerations to use Winsock.

However, System.Net.Sockets does not check the access privileges (trust level) for its methods.

A malicious .NET application can therefore access the network, even when network access is restricted by CAS.
A malicious ASP.NET application, which the administrator accepted on his web site, can therefore access the network.
A malicious XBAP application hosted on a web site can therefore access the network of victims browsing this site with Internet Explorer.
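
The trust-level check that a socket API is expected to make under CAS can be reproduced with a SocketPermission demand. The following C# program is an added illustration for the .NET Framework, not code from the bulletin or from Microsoft; the class and method names, the grant sets and the 192.0.2.10 documentation address are assumptions made for the example.

```csharp
using System;
using System.Net;
using System.Runtime.CompilerServices;
using System.Security;
using System.Security.Permissions;

static class CasSocketCheck   // hypothetical name, for illustration only
{
    // The demand a trust-aware socket method is expected to make before
    // connecting. Kept in its own frame so the stack walk crosses the caller.
    [MethodImpl(MethodImplOptions.NoInlining)]
    static void DemandConnect(string host, int port)
    {
        new SocketPermission(NetworkAccess.Connect, TransportType.Tcp, host, port).Demand();
    }

    // Returns true when code limited to 'grant' is allowed to connect to host:port.
    static bool IsConnectAllowed(PermissionSet grant, string host, int port)
    {
        grant.PermitOnly();   // callees may use only the permissions in 'grant'
        try
        {
            DemandConnect(host, port);
            return true;
        }
        catch (SecurityException)
        {
            return false;     // the demand failed: this is the restriction at work
        }
        finally
        {
            CodeAccessPermission.RevertPermitOnly();
        }
    }

    static void Main()
    {
        // Constructed grant sets: execution only, and execution plus one TCP endpoint.
        var executeOnly = new PermissionSet(PermissionState.None);
        executeOnly.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));

        var oneEndpoint = executeOnly.Copy();
        oneEndpoint.AddPermission(
            new SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "192.0.2.10", 443));

        Console.WriteLine("execute-only grant, 192.0.2.10:443 -> {0}", IsConnectAllowed(executeOnly, "192.0.2.10", 443));
        Console.WriteLine("one-endpoint grant, 192.0.2.10:443 -> {0}", IsConnectAllowed(oneEndpoint, "192.0.2.10", 443));
        Console.WriteLine("one-endpoint grant, 192.0.2.10:80  -> {0}", IsConnectAllowed(oneEndpoint, "192.0.2.10", 80));
    }
}
```

A socket method that reaches Winsock without such a demand is not stopped by a restricted grant set, which is the situation the description above reports.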

This cybersecurity announcement impacts software or systems such as .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 7, Windows Vista, Windows XP.

Our Vigil@nce team determined that the severity of this threat alert is medium.

The trust level is: confirmed by the editor, with an origin of Internet server.

An attacker with an expert ability can exploit this computer weakness alert.

Solutions for this threat 

Microsoft .NET: patch for socket.
A patch is available:
Windows XP SP3
  Microsoft .NET Framework 2.0 SP2
    http://www.microsoft.com/downloads/details.aspx?familyid=14fdbaa4-b42b-499c-819f-bb239b48a4cc
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows 2003 SP2
  Microsoft .NET Framework 2.0 SP2
    http://www.microsoft.com/downloads/details.aspx?familyid=14fdbaa4-b42b-499c-819f-bb239b48a4cc
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows Vista SP2
  Microsoft .NET Framework 2.0 SP2
    http://www.microsoft.com/downloads/details.aspx?familyid=2f7348c0-a036-4d86-b7bb-bd6810cdc834
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows Server 2008 Gold, SP2
  Microsoft .NET Framework 2.0 SP2
    http://www.microsoft.com/downloads/details.aspx?familyid=2f7348c0-a036-4d86-b7bb-bd6810cdc834
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows 7 Gold
  Microsoft .NET Framework 3.5.1
    http://www.microsoft.com/downloads/details.aspx?familyid=b8c628c6-5dcc-4c8f-b379-e2249a44f12c
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows 7 SP1
  Microsoft .NET Framework 3.5.1
    http://www.microsoft.com/downloads/details.aspx?familyid=e1f84749-77bb-42bf-a539-fb647cacff8b
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows Server 2008 R2 Gold
  Microsoft .NET Framework 3.5.1
    http://www.microsoft.com/downloads/details.aspx?familyid=b8c628c6-5dcc-4c8f-b379-e2249a44f12c
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
Windows Server 2008 R2 SP1
  Microsoft .NET Framework 3.5.1
    http://www.microsoft.com/downloads/details.aspx?familyid=e1f84749-77bb-42bf-a539-fb647cacff8b
  Microsoft .NET Framework 4
    http://www.microsoft.com/downloads/details.aspx?familyid=e2069b12-d78b-420c-84b7-46bba12827c8
The Microsoft announcement indicates workarounds.
Article 2567951 lists known problems:
  http://support.microsoft.com/kb/2567951