QwikSec

Security Database

CVE

CWE

Training

CVE-2008-5100

Published: Nov 17, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedded in the pathname of a DLL file instead of the digital signature of this file itself, which makes it easier for attackers to bypass Global Assembly Cache (GAC) and Code Access Security (CAS) protection mechanisms, aka MSRC ticket MSRC8566gs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20081113 New Whitepaper - .NET Framework Rootkits: Backdoors inside your Framework

mailing-list

x_refsource_BUGTRAQ

http://www.applicationsecurity.co.il/.NET-Framework-Rootkits.aspx

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

http://www.applicationsecurity.co.il/LinkClick.aspx?fileticket=ycIS1bewMBI%3d&tabid=161&mid=555

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.