Oval Definition:oval:org.mitre.oval:def:12870
Revision Date:2012-04-16Version:46
Title:DNS Uninitialized Memory Corruption Vulnerability
Description:The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2011-1970
Platform(s):Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis
  • Vulnerable Microsoft Windows Server 2003 x86/x64/ia64 SP2
  • DNS role is enabled (Server 2003)
  • AND Windows Server 2003 x86/x64/ia64 SP2
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND The version of Dns.exe is less than 5.2.3790.4882
  • OR Vulnerable Microsoft Windows Server 2008 x86/x64 SP2
  • DNS role is enabled (Server 2008 or later)
  • AND Windows Server 2008 x86/x64 SP2
  • Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
  • AND GDR or LDR Service branch
  • The version of Dns.exe is less than 6.0.6002.18486
  • OR LDR
  • The version of Dns.exe is greater than or equal to 6.0.6002.22000
  • AND The version of Dns.exe is less than 6.0.6002.22665
  • OR Vulnerable Microsoft Windows Server 2008 R2 x64
  • DNS role is enabled (Server 2008 or later)
  • AND Microsoft Windows Server 2008 R2 x64 Edition is installed
  • AND GDR or LDR Service branch
  • The version of Dns.exe is less than 6.1.7600.16840
  • OR LDR
  • The version of Dns.exe is greater than or equal to 6.1.7600.20000
  • AND The version of Dns.exe is less than 6.1.7600.20993
  • OR Vulnerable Microsoft Windows Server 2008 R2 x64 SP1
  • DNS role is enabled (Server 2008 or later)
  • AND Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
  • AND GDR or LDR Service branch
  • The version of Dns.exe is less than 6.1.7601.17639
  • OR LDR
  • The version of Dns.exe is greater than or equal to 6.1.7601.21000
  • AND The version of Dns.exe is less than 6.1.7601.21754
    • BACK