CVE-2012-0006
published 2012-03-13CVE-2012-0006: The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which…
PriorityP334medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
31.08%
98.0th percentile
The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka "DNS Denial of Service Vulnerability."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j6f6-v4xg-2w4p: The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record looku
ghsa_unreviewed·2022-05-04
CVE-2012-0006 [MEDIUM] GHSA-j6f6-v4xg-2w4p: The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record looku
The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka "DNS Denial of Service Vulnerability."
VMware
VMware security updates for vCenter Server
vendor_vmware·2013-04-25·CVSS 7.2
CVE-2012-2337 [HIGH] VMware security updates for vCenter Server
VMSA-2013-0006: VMware security updates for vCenter Server
a. vCenter Server AD anonymous LDAP binding credential by-pass vCenter Server when deployed in an environment that uses Active Directory (AD) with anonymous LDAP binding enabled doesn't properly handle login credentials. In this environment, authenticating to vCenter Server with a valid user name and a blank password may be successful even if a non-blank password is required for the account. The issue is present on vCenter Server 5.1, 5.1a and 5.1b if AD anonymous LDAP binding is enabled. The issue is addressed in vCenter Server 5.1 Update 1 by removing the possibility to authenticate using blank passwords. This change in the authentication mechanism is present regardless if anonymous binding is enabled or not.
CVEs: CVE-2012-233
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/80005http://secunia.com/advisories/48394http://www.securityfocus.com/bid/52374http://www.securitytracker.com/id?1026789http://www.us-cert.gov/cas/techalerts/TA12-073A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-017https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15098http://osvdb.org/80005http://secunia.com/advisories/48394http://www.securityfocus.com/bid/52374http://www.securitytracker.com/id?1026789http://www.us-cert.gov/cas/techalerts/TA12-073A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-017https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15098
2012-03-13
Published