Critical Update for Microsoft DNS Servers

posted Aug 10, 2011, 5:08 AM by NCET Admin
Read full information....
http://www.sophos.com/support/knowledgebase/article/113982.html

Vulnerability name/brief descriptionMS11-058 - Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)

CVE/CAN nameCVE-2011-1970
CVE-2011-1966
Vendor threat levelCritical   
SophosLabs threat levelHigh
Solution

MS11-058

Vendor descriptionThis security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.
Comments