Link to home
Start Free TrialLog in
Avatar of Larry Kiterling
Larry Kiterling

asked on

Vulnerability ASP .NET MS05-004 Path Validation on 2012 server?

I have a 2012 server and got this back from my vulnreabiliity scanner. I checked the website and its related to 1.0 and 1.1 on 2003 servers. Is this a concern for 2012 servers?  I checked the ASP versions and it shows v2.0/v3.0/v3.5/v4/v4.0. Is this a false positive?
 Microsoft Security Bulletin MS05-004 # ASP.NET Path Validation
Avatar of Big Monty
Big Monty
Flag of United States of America image

looks like it could be an issue -
Avatar of Larry Kiterling
Larry Kiterling


Does this effect me though? I don't seem to have those versions (1/1.1)
if you're sure you don 't have those versions, then you are safe
Check the registry on the framework versions installed. There should be any 1.1 for false positive and try upgrade the framework to latest.
Note the use of mbsa to check the patch level of the server will not help in this case and the enterprise scan tool may not necessary run in 2012 but can try though
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
bad ass mo f'er