8 matches found
Security Advisory - Remote Code Execution Vulnerability in Windows DNSAPI
Microsoft released a security advisory to disclose a remote code execution vulnerability in Windows Domain Name System DNS DNSAPI.dll. An unauthenticated, remote attacker would use a malicious DNS server to send corrupted DNS responses to the target. The attacker could exploit the vulnerability t...
Microsoft Windows DNSAPI NSEC3 Heap-based Buffer Overflow (CVE-2017-11779)
A heap-based buffer overflow vulnerability exists in the DNSAPI component of Microsoft Windows. The vulnerability is due to insufficient validation of certain components of NSEC3 records. A remote attacker could exploit this vulnerability by sending a malicious DNS response directly to the target...
CVE-2017-11779
The Microsoft Windows Domain Name System DNS DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI...
CVE-2017-11779
CVE-2017-11779 concerns a vulnerability in the Windows DNSAPI.dll within the DNSAPI component of Microsoft Windows. A heap-based buffer overflow in the handling/validation of NSEC3 records (triggered by malicious DNS responses) could allow a remote attacker to execute arbitrary code in the contex...
Important vulnerabilities early warning: the Windows DNS client in the broke multiple heap buffer overflow flaws vulnerabilities in bug-bug warning-the black bar safety net
Microsoft has in the 2017 year 10 months official fix for the vulnerability CVE-2017-11779, the vulnerability includes the Windows DNS client in the plurality of memory corruption vulnerabilities, running Windows 8/Server 2012 and an updated version ofOSthe computer will be affected by this...
CVE-2017-11779
creationtimestamp| type| source ---|---|--- 2017-10-11 18:07:54+00:00| seen| https://t.me/informationsecuritychannel/9859...
KLA11111 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
KB4041691: Windows 10 Version 1607 and Windows Server 2016 October 2017 Cumulative Update (KRACK)
The remote Windows host is missing security update 4041691. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...