Test ID:	1.3.6.1.4.1.25623.1.0.900957
Category:	Denial of Service
Title:	Microsoft Windows Patterns & Practices EntLib DOS Vulnerability
Summary:	Microsoft Windows Patterns & Practices Enterprise; Library is prone to a denial of service (DoS) vulnerability.
Description:	Summary: Microsoft Windows Patterns & Practices Enterprise Library is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: An error occurs in Blocks/Common/Src/Configuration/Manageability/Adm/ AdmContentBuilder.cs while processing an input string composed of many '\' ie backslash characters followed by a double quote related to a certain regular expression. Vulnerability Impact: Successful attack could allow attackers to crash application or CPU consumption and to cause denial of service. Affected Software/OS: Microsoft Windows Patterns & Practices Enterprise Library 3.1, 4.0 and 4.1. Solution: Upgrade to Microsoft Windows Patterns & Practices Enterprise Library 5.0 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3275 Bugtraq: 20090910 Regular Expression Denial of Service (Google Search) http://www.securityfocus.com/archive/1/506419/100/0/threaded http://www.checkmarx.com/Upload/Documents/PDF/Checkmarx_OWASP_IL_2009_ReDoS.pdf
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.