Critical Update for Microsoft DNS Servers

posted Aug 10, 2011, 5:08 AM by NCET Admin
Read full information....

Vulnerability name/brief descriptionMS11-058 - Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485)

CVE/CAN nameCVE-2011-1970
Vendor threat levelCritical   
SophosLabs threat levelHigh


Vendor descriptionThis security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.