Denial of service in Microsoft Windows DNS Server



Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-0171
CWE-ID CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Windows Server
Operating systems & Components / Operating system

Vendor Microsoft

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Denial of service

EUVDB-ID: #VU6449

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-0171

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS conditions on the target system.

The weakness exists due to incorrect processing of malicious DNS queries by Windows DNS Server. A remote attacker can send specially crafted DNS queries and cause the cause the DNS Server service to become nonresponsive.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows Server: 2008 - 2016 10.0.14393.10

CPE2.3 External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###