Vulnerability CVE-2011-0657 - CERT Civis.Net

Vulnerability Name:

CVE-2011-0657 (CCN-66441)

Assigned:

2011-04-12

Published:

2011-04-12

Updated:

2020-09-28

Summary:

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability."

CVSS v3 Severity:

9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
7.5 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-0657

Source: CCN
Type: Metasploit Modules
Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS

Source: OSVDB
Type: UNKNOWN
71780

Source: CCN
Type: SA44161
Microsoft Windows DNS LLMNR Query Processing Vulnerability

Source: SECUNIA
Type: UNKNOWN
44161

Source: CCN
Type: IBM Security Protection Alert
Microsoft Windows DNS Resolution Could Allow Remote Code Execution

Source: CCN
Type: Microsoft Security Bulletin MS11-030
Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553)

Source: CCN
Type: OSVDB ID: 71780
Microsoft Windows DNS Client Service LLMNR Query Processing Remote Code Execution

Source: BID
Type: UNKNOWN
47242

Source: CCN
Type: BID-47242
Microsoft Windows CVE-2011-0657 DNS Resolution Remote Code Execution Vulnerability

Source: SECTRACK
Type: UNKNOWN
1025332

Source: CERT
Type: US Government Resource
TA11-102A

Source: VUPEN
Type: UNKNOWN
ADV-2011-0948

Source: MS
Type: UNKNOWN
MS11-030

Source: XF
Type: UNKNOWN
ms-win-dns-code-execution(66441)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11902

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:*

OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x86:*

OR cpe:/o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_7:-:-:*:*:ultimate_n:*:x64:*

OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:11902	V	DNS Query Vulnerability	2012-03-26