{"id":196213,"date":"2017-11-10T01:07:25","date_gmt":"2017-11-10T00:07:25","guid":{"rendered":"http:\/\/www.borncity.com\/blog\/?p=196213"},"modified":"2022-08-22T10:10:30","modified_gmt":"2022-08-22T08:10:30","slug":"microsoft-revidiert-cve-2017-8585-net-core-1-x","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2017\/11\/10\/microsoft-revidiert-cve-2017-8585-net-core-1-x\/","title":{"rendered":"Microsoft revidiert CVE-2017-8585 (.NET Core 1.x)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\"\/>Microsoft hat zum 9. November 2017 noch eine \u00c4nderung am Security Advisory CVE-2017-8585&nbsp; (.NET Denial of Service Vulnerability) vorgenommen, da auch .NET Core 1.0 und .NET Core 1.1 betroffen sind. <\/p>\n<p><!--more--><\/p>\n<p>CVE-2017-8585 wurde bereits im Juli 2017 mit Sicherheitsupdates geflickt. Allerdings umfasste die Dokumentation nicht die Angreifbarkeit von .NET Core 1.0 und .NET Core 1.1. Das hat Microsoft jetzt nachgeholt. Hier der Text des Security Advisory CVE-2017-8585:<\/p>\n<p> &#8211; Title: CVE-2017-8585 | .NET Denial of Service Vulnerability<br \/> &#8211; <a href=\"https:\/\/web.archive.org\/web\/20201101051813\/https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\" target=\"_blank\" rel=\"noopener\">https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/a><br \/> &#8211; Reasons for Revision: Revised the Affected Products table to include<br \/>&nbsp;&nbsp; .NET Core 1.0 and .NET Core 1.1 because they are affected by <br \/>&nbsp;&nbsp; CVE-2017-8585. Customers running these versions of .NET Core can <br \/>&nbsp;&nbsp; find more information on GitHub at <br \/>&nbsp;&nbsp; <a href=\"https:\/\/github.com\/dotnet\/announcements\/issues\/34\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/dotnet\/announcements\/issues\/34<\/a>. <br \/>&nbsp;&nbsp; This is an informational change only. <br \/> &#8211; Originally posted: July 11, 2017&nbsp; <br \/> &#8211; Updated: November 9, 2017<br \/> &#8211; CVE Severity Rating: Important<br \/> &#8211; Version: 2.0<\/p>\n<p>Betroffen sind nur .NET Core 1.x-Anwendungen, falls diese unter Windows 10 oder Windows 2016 laufen.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft hat zum 9. November 2017 noch eine \u00c4nderung am Security Advisory CVE-2017-8585&nbsp; (.NET Denial of Service Vulnerability) vorgenommen, da auch .NET Core 1.0 und .NET Core 1.1 betroffen sind.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[4328],"class_list":["post-196213","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/196213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=196213"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/196213\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=196213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=196213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=196213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}