CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
99.4%
The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka βDNS Denial of Service Vulnerability.β
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:* |
microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:* |
osvdb.org/80005
secunia.com/advisories/48394
www.securityfocus.com/bid/52374
www.securitytracker.com/id?1026789
www.us-cert.gov/cas/techalerts/TA12-073A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-017
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15098