| Check Point Reference: |
CPAI-2006-095 |
| Date Published: |
13 Aug 2006 |
| Severity: |
High
|
| Last Updated: |
Thursday 03 May, 2007 |
| Source: |
Microsoft Security Bulletin MS06-041
US-CERT VU#794580 |
| Industry Reference: | CVE-2006-3441 |
| Protection Provided by: |
|
| Who is Vulnerable? | Microsoft Windows 2000 SP4
Microsoft Windows XP SP1, SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition |
| Vulnerability Description |
The Domain Name System (DNS) client service resolves and caches DNS names. The Microsoft DNS Client service fails to handle specific overly long resource records. An attacker could exploit the vulnerability by sending a specially crafted DNS record to an affected client. Successful exploitation could grant an attacker complete control of the affected system. |
| Update/Patch Avaliable | Apply patches:
Microsoft Security Bulletin MS06-041
|
| Vulnerability Details | The vulnerability can be triggered when Microsoft DNS client service handles overly long Text (TXT) and Host Information (HINFO) resource records. If successful, a remote unauthenticated attacker can gain complete control of a system by either sending a a specially crafted DNS communication to an affected system from a subnet between the target host and DNS server; or by convincing the target host to make a DNS request to receive a specially crafted record response from an attacking server. |
Feedback