Vulnerabilities > CVE-2012-0006 - Resource Management Errors vulnerability in Microsoft Windows Server 2003 and Windows Server 2008

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
microsoft
CWE-399
nessus
NVD
Published: 2012-03-13
Updated: 2019-02-26

Summary

The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka "DNS Denial of Service Vulnerability."

Vulnerable Configurations

Part Description Count
OS
Microsoft
5

Common Weakness Enumeration (CWE)

Msbulletin

bulletin_idMS12-017
bulletin_url
date2012-03-13T00:00:00
impactDenial of Service
knowledgebase_id2647170
knowledgebase_url
severityImportant
titleVulnerability in DNS Server Could Allow Denial of Service

Nessus

  • NASL familyDNS
    NASL idMS_DNS_KB2647170.NASL
    descriptionAccording to its self-reported version number, the Microsoft DNS server running on the remote host does not properly handle objects in memory when looking up the resource record of a domain. By sending a specially crafted DNS query an attacker may be able to exploit this flaw and cause the DNS server on the remote host to stop responding and eventually restart.
    last seen2020-06-01
    modified2020-06-02
    plugin id72837
    published2014-03-05
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/72837
    titleMS12-017: Vulnerability in DNS Server Could Allow Denial of Service (2647170) (uncredentialed check)
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS12-017.NASL
    descriptionThe DNS server installed on the remote host does not properly handle objects in memory when looking up the resource record of a domain. By sending a specially crafted DNS query, an attacker may be able to exploit this flaw and cause the DNS server on the remote host to stop responding and eventually restart.
    last seen2020-06-01
    modified2020-06-02
    plugin id58329
    published2012-03-13
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58329
    titleMS12-017: Vulnerability in DNS Server Could Allow Denial of Service (2647170)

Oval

accepted2012-05-07T04:01:11.315-04:00
classvulnerability
contributors
  • nameDragos Prisaca
    organizationSymantec Corporation
  • nameDragos Prisaca
    organizationSymantec Corporation
definition_extensions
  • commentMicrosoft Windows Server 2003 SP2 (x86) is installed
    ovaloval:org.mitre.oval:def:1935
  • commentMicrosoft Windows Server 2003 SP2 (x64) is installed
    ovaloval:org.mitre.oval:def:2161
  • commentMicrosoft Windows Server 2003 (ia64) SP2 is installed
    ovaloval:org.mitre.oval:def:1442
  • commentMicrosoft Windows Server 2008 (32-bit) Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:5653
  • commentMicrosoft Windows Server 2008 x64 Edition Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:6216
  • commentMicrosoft Windows Server 2008 R2 x64 Edition is installed
    ovaloval:org.mitre.oval:def:6438
  • commentMicrosoft Windows Server 2008 R2 x64 Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:12567
descriptionThe DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka "DNS Denial of Service Vulnerability."
familywindows
idoval:org.mitre.oval:def:15098
statusaccepted
submitted2012-03-13T13:00:00
titleDNS Denial of Service Vulnerability
version73

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 52374 CVE ID: CVE-2012-0006 Windows DNS Server是微软公司推出的域名系统或者域名服务,域名系统为Internet上的主机分配域名地址和IP地址。 Windows DNS Server在处理某些lookup查询时,在实现上存在远程拒绝服务漏洞,远程攻击者可利用此漏洞造成DNS服务器停止响应,拒绝服务合法用户。 0 Microsoft Server 2008 Microsoft Server 2003 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-017)以及相应补丁: MS12-017:Vulnerability in DNS Server Could Allow Denial of Service (2647170) 链接:http://www.microsoft.com/technet/security/bulletin/MS12-017.asp
idSSV:30196
last seen2017-11-19
modified2012-03-15
published2012-03-15
reporterRoot
titleMicrosoft Windows DNS Server远程拒绝服务漏洞(MS12-017)

References