SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   Microsoft DNS Server Vendors:   Microsoft
Microsoft DNS Server Lets Remote Users Deny Service
SecurityTracker Alert ID:  1026789
SecurityTracker URL:  http://securitytracker.com/id/1026789
CVE Reference:   CVE-2012-0006   (Links to External Site)
Date:  Mar 13 2012
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2003 SP2, 2008 SP2, 2008 R2 SP1; and prior service packs
Description:   A vulnerability was reported in Microsoft DNS Server. A remote user can cause denial of service conditions.

A remote user can send a specially crafted DNS query to cause the target system to stop responding and automatically restart.

The vulnerability resides in the management of objects in memory while the system is looking up a resource record.
Impact:   A remote user can cause the target system to stop responding and automatically restart.
Solution:   The vendor has issued the following fixes:

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=b04da098-666f-4760-90da-d2a17e78bf47

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=647eaf09-3959-439e-8418-fd25221eb6b9

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=92f3af60-9a9b-4419-9e95-55f5cb54cf00

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=233c62b7-f2b1-49ce-9a7f-e51435be0d26

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=56eae770-5990-4e1b-8b48-3d0602fcc72b

Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=19a4f3d1-24d2-41af-a41a-e5cc2c6232e8

A restart is required.

The Microsoft advisory is available at:

http://technet.microsoft.com/en-us/security/bulletin/ms12-017
Vendor URL:  technet.microsoft.com/en-us/security/bulletin/ms12-017 (Links to External Site)
Cause:   Access control error
Underlying OS:   Windows (2003), Windows (2008)

Message History:   None.

 Source Message Contents


[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC