Tuesday, 21 October 2014

Another obscure Trustwave PCI scan fail - SBS 2011 fails CVE-2010-3332 / MS10-070, vulnerability in ASP.NET Could Allow Information Disclosure

After clearing up the SharePoint issues, there was just one remaining failure issue in the Trustwave PCI scan of an SBS 2011 server.

The fix turned out to be running the .NET Framework Cleanup Tool from Aaron Stebner at Microsoft, and removing .NET 1.0 and 1.1.

There's some more detailed discussion over at Technet

3 comments:

Jere said...

I'm failing the same Trustwave test, also on SBS 2011 - removed .NET 1.0 and 1.1 - but still failing after reboot.

Any ideas?

Jere said...

Are you running .NET 4.5 or just 4.0?

redleg said...

Hi Jere, .NET 4.5.2 on that server. Had to do a manual update to get to that too, the Microsoft Updates were only going as far as 4.5.1.
HTH, Mike

Trust 1&1 Internet for your domain name registration, from only £1.99/year!. Check now!