Welcome to HP ASC Portal Sign in | Join
in Search
Home Blogs Forums Photos Downloads
HP ASC Portal » HP Application Security Center » ASC Knowledge Base » WebInspect fails to open with .NET 2.0 exception and Event ID 5000.

WebInspect fails to open with .NET 2.0 exception and Event ID 5000.

Last post 02-13-2008, 7:05 PM by chardmon. 0 replies.
Sort Posts: Previous Next

  •  02-13-2008, 7:05 PM 74108

    WebInspect fails to open with .NET 2.0 exception and Event ID 5000.

    TITLE:
    WebInspect fails to open with .NET 2.0 exception and Event ID 5000.


    ISSUE:
    A fresh installation of WebInspect™ on either .NET Framework 3.0 or 2.0 fails to run. An Event ID 5000 is found in the Application logs within the Event Viewer. It identifies itself as a .NET Runtime 2.0 error and appears similar to the following.

    Event ID: 5000
    Source: .NET Runtime 2.0 Error Reporting
    Type: Error
    Description: EventType clr20r3, P1 webinspect.exe, P2 7.5.53.0, P3 46d2e1cd, P4 webinspect, P5 7.5.53.0, P6 46d2e1cd, P7 8, P8 b, P9 system.typeinitialization, P10 NIL.


    CAUSE:
    At its center, this issue arises from WebInspect's requirement for a particular encryption algorithm.

    This Event ID error occurs because the default policy for unhandled exceptions has changed in the .NET Framework 2.0. By default, the policy for unhandled exceptions is to end the worker process. In the Microsoft .NET Framework 1.1 and in the Microsoft .NET Framework 1.0, unhandled exceptions on managed threads were ignored. See Microsoft's article 911816 for additional information about this event's appearance.


    SOLUTIONS:
    For the Event ID, according to Microsoft's article 911816, there are two suggestions. Neither have been tested with WebInspect yet, but they are listed below. In practice, HP/SPI Dynamics has had success in altering the FIPS security policy, as described below.

    HP/SPI Dynamics' suggestions:

    1. Go to Start > Run, enter "gpedit.msc" and click OK. The Group Policy dialog appears.
    2. Navigate to Computer Configuration > Windows Settings >Security Settings > Local Policies > Security Options.
    3. In the list of policies in the right frame of the dialog, locate the entry "System cryptography: Use FIPS compliant algorithms for encryption, hashing...."
    4. If this is enabled, disable it. This should resolve the issue that we see with the Event ID 5000.


    Microsoft's suggestions:
    1. Modify the IHttpModule object so that it will log exception information to the Application log.
    2. (not recommended) Change the unhandled exception policy back to the default behavior that occurs in the .NET Framework 1.1 and in the .NET Framework 1.0.


    APPLIES TO:
    WebInspect 7.5


    MORE INFORMATION:
    See the following solutions for related information.
    Solution 1111 "Smart Update error 'Could not establish secure channel for SSL/TLS'"
    Solution 1995 "FIPS-compliant algorithms for encryption security prevents WebInspect from launching"

    For excellent details in debugging these, see "ASP.NET 2.0 Crash case study: Unhandled exceptions":
    http://blogs.msdn.com/tess/archive/2006/04/27/asp-net-2-0-crash-case-study-unhandled-exceptions.aspx

    For Microsoft's article 911816, see http://support.microsoft.com/kb/911816. This includes two sets of solution steps. The second, not recommended, is to change the default behavior back to that of .NET 1.0.

    For a brief detail on this error, see http://www.eventid.net/display.asp?eventid=5000&eventno=7334&source=.NET%20Runtime%202.0%20Error%20Reporting&phase=1
View as RSS news feed in XML