Oval Definition:oval:org.mitre.oval:def:16388
Revision Date:2014-03-03Version:24
Title:Microsoft NFS Server Denial Of Service Vulnerability - MS13-014
Description:The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Server 2012 allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via an attempted renaming of a file or folder located on a read-only share, aka "NULL Dereference Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2013-1281
Platform(s):Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s):
Definition Synopsis
  • Check for OS Windows 2008 R2 x64/IA-64 and vulnerable file version
  • Check for OS Windows 2008 R2 x64/IA-64
  • Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND Check for GDR and LDR
  • the version of Nfssvr.sys is less than 6.1.7600.17204
  • OR Check for LDR
  • the version of Nfssvr.sys is greater than or equal to 6.1.7600.20000
  • AND the version of Nfssvr.sys is less than 6.1.7600.21414
  • OR Check for Windows 2008 R2 x64/IA-64 SP1 and vulnerable file version
  • Check for Windows 2008 R2 x64/IA-64 SP1
  • Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
  • AND Check for GDR and LDR
  • the version of Nfssvr.sys is less than 6.1.7601.18041
  • OR Check for LDR
  • the version of Nfssvr.sys is greater than or equal to 6.1.7601.21000
  • AND the version of Nfssvr.sys is less than 6.1.7601.22207
  • OR Check for Windows 2012 and vulnerable file version
  • Microsoft Windows Server 2012 is installed
  • AND Check for GDR and LDR
  • the version of Nfssvr.sys is less than 6.2.9200.16490
  • OR Check for LDR
  • the version of Nfssvr.sys is greater than or equal to 6.2.9200.20000
  • AND the version of Nfssvr.sys is less than 6.2.9200.20595
    • BACK