CVE-2012-0006 Details

CVE-2012-0006

Published: 2012-03-13 21:55:00
CVE Author: NIST National Vulnerability Database (NVD)
Summary:

The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka "DNS Denial of Service Vulnerability."

Exploitability Analysis:

This is a vulnerability exploitable with network access which means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access to exploit it. Such a vulnerability is often termed “remotely exploitable”.

Exploitability Complexity:

Specialized access conditions or extenuating circumstances do not exist. The following are examples: The affected product typically requires access to a wide range of systems and users, possibly anonymous an untrusted (e.g., Internet-facing web or mail server). The affected configuration is default or ubiquitous. The attack can be performed manually and requires little skill or additional information gathering. The 'race condition' is a lazy one (i.e., it is technically a race but easily winnable).

Authentication:

Authentication is not required to access and exploit the vulnerability.

Confidentiality Impact:

There is no impact to the confidentiality of the system.

Integrity Impact:

There is no impact to the integrity of the system.

Availability Impact:

There is reduced performance or interruptions in resource availability. An example is a network-based flood attack that permits a limited number of successful connections to an Internet service.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

CVE-2012-0006

Search
Impact
Medium
CVSS Score
5.0
Exploitable
Remotely Exploitable

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage 138,698 vulnerabilities.