Check Point Advisories

Preemptive Protection against Malformed DNS Resource Records Vulnerability (MS06-041)

Check Point Reference: CPAI-2006-095
Date Published: 13 Aug 2006
Severity: High
Last Updated: Thursday 03 May, 2007
Source: Microsoft Security Bulletin MS06-041
US-CERT VU#794580
Industry Reference:CVE-2006-3441
Protection Provided by:
Who is Vulnerable? Microsoft Windows 2000 SP4 
Microsoft Windows XP SP1, SP2 
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Vulnerability Description The Domain Name System (DNS) client service resolves and caches DNS names. The Microsoft DNS Client service fails to handle specific overly long resource records. An attacker could exploit the vulnerability by sending a specially crafted DNS record to an affected client. Successful exploitation could grant an attacker complete control of the affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS06-041
Vulnerability DetailsThe vulnerability can be triggered when Microsoft DNS client service handles overly long Text (TXT) and Host Information (HINFO) resource records. If successful, a remote unauthenticated attacker can gain complete control of a system by either sending a a specially crafted DNS communication to an affected system from a subnet between the target host and DNS server; or by convincing the target host to make a DNS request to receive a specially crafted record response from an attacking server.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.