SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Microsoft DNS Server Vendors:   Microsoft
Microsoft DNS Server Lets Remote Users Deny Service
SecurityTracker Alert ID:  1026789
SecurityTracker URL:  http://securitytracker.com/id/1026789
CVE Reference:   CVE-2012-0006   (Links to External Site)
Date:  Mar 13 2012
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2003 SP2, 2008 SP2, 2008 R2 SP1; and prior service packs
Description:   A vulnerability was reported in Microsoft DNS Server. A remote user can cause denial of service conditions.

A remote user can send a specially crafted DNS query to cause the target system to stop responding and automatically restart.

The vulnerability resides in the management of objects in memory while the system is looking up a resource record.

Impact:   A remote user can cause the target system to stop responding and automatically restart.
Solution:   The vendor has issued the following fixes:

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=b04da098-666f-4760-90da-d2a17e78bf47

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=647eaf09-3959-439e-8418-fd25221eb6b9

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=92f3af60-9a9b-4419-9e95-55f5cb54cf00

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=233c62b7-f2b1-49ce-9a7f-e51435be0d26

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=56eae770-5990-4e1b-8b48-3d0602fcc72b

Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=19a4f3d1-24d2-41af-a41a-e5cc2c6232e8

A restart is required.

The Microsoft advisory is available at:

http://technet.microsoft.com/en-us/security/bulletin/ms12-017

Vendor URL:  technet.microsoft.com/en-us/security/bulletin/ms12-017 (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (2003), Windows (2008)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC