en

‫ Microsoft Windows Distributed File System Two Vulnerabilities

IRCAD2011061250
ID:IRCAD2011061250
Release Date: 2011-06-14
Criticality level: Highly critical
Software:
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
 
Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
1)      A validation error in the Distributed File System (DFS) can be exploited to corrupt memory via a specially crafted DFS response.
Successful exploitation allows execution of arbitrary code, but requires tricking a user into initiating a DFS connection to a malicious server.
2)      An error in the Distributed File System (DFS) when processing DFS referral responses can be exploited to cause a system to stop responding.
 
Solution:
Apply patches.
 
References:
MS11-042 (KB2535512):
 
Secunia:
 

The Wall

No comments
You need to sign in to comment