Skip to main content

Microsoft Windows DNS Server Multiple Vulnerabilities

Last Update Date: 10 Aug 2011 11:52 Release Date: 10 Aug 2011 6377 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS
  1. DNS NAPTR Query Vulnerability
    A remote code execution vulnerability exists in the way that the Windows DNS Server improperly handles a specially crafted NAPTR query string in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

  2. DNS Uninitialized Memory Corruption Vulnerability
    A denial of service vulnerability exists in the way that the DNS server improperly handles an object in memory that has not been initialized. An attacker that successfully exploited this vulnerability could cause the DNS server service on the target system to stop responding.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Windows Server 2003
  • Windows Server 2008
  • Windows Server 2008 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link