CVE-2017-0057
published 2017-03-17CVE-2017-0057: DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process…
PriorityP425medium4.3CVSS 3.0
AVNACLPRNUIRSUCLINAN
EPSS
13.96%
96.1th percentile
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to visit an untrusted webpage or (2) tricking a server into sending a DNS query to a malicious DNS server, aka "Windows DNS Query Information Disclosure Vulnerability."
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | windows_dnsclient | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_32-bit_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.04.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_msrc3.7LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows DNS Query Information Disclosure Vulnerability
vendor_msrc·2017-03-14·CVSS 3.7
CVE-2017-0057 [MEDIUM] Windows DNS Query Information Disclosure Vulnerability
Windows DNS Query Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Windows dnsclient fails to properly handle requests. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability:
If the target is a workstation, the attacker could convince a user to visit an untrusted webpage.
If the target is a server, the attacker would have to trick the server into sending a DNS query to a malicious DNS server.
The security update addresses the vulnerability by modifying how Windows dnsclient handles requests.
Microsoft Windows DNS: Microsoft Windows DNS
Microsoft: Microsoft
Customer Action Required: Yes
Impact: In
GHSA
GHSA-gcfq-72w8-c7qj: DNS client in Microsoft Windows 8
ghsa_unreviewed·2022-05-17
CVE-2017-0057 [MEDIUM] CWE-200 GHSA-gcfq-72w8-c7qj: DNS client in Microsoft Windows 8
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to visit an untrusted webpage or (2) tricking a server into sending a DNS query to a malicious DNS server, aka "Windows DNS Query Information Disclosure Vulnerability."
No detection rules found.
No public exploits indexed.
Qualys
Massive Microsoft Patch Tuesday Security Update for March
blogs_qualys·2017-03-14·CVSS 7.8
[HIGH] Massive Microsoft Patch Tuesday Security Update for March
Today Microsoft released a massive Patch Tuesday security update consisting of 17 security bulletins that fixed a total of 134 vulnerabilities. Out of the 17 security bulletins 8 were marked as Critical which could lead to remote code execution while the remaining were marked as Important. Since there were no patches released for February, in one way, a massive update was expected this month. We also liked the fact that Microsoft kept the older way of clubbing KB articles and patches in security bulletins which, in our opinion, is easy to read and provides better overall picture. But the Microsoft blog here , allude that sometime in the future Microsoft will stop publishing security bulletins.
The highest priority overall goes to the Windows GDI bulletin MS17-013 which could allow remote
Qualys
Massive Microsoft Patch Tuesday Security Update for March | Qualys
blogs_qualys·2017-03-14·CVSS 7.8
[HIGH] Massive Microsoft Patch Tuesday Security Update for March | Qualys
Today Microsoft released a massive Patch Tuesday security update consisting of 17 security bulletins that fixed a total of 134 vulnerabilities. Out of the 17 security bulletins 8 were marked as Critical which could lead to remote code execution while the remaining were marked as Important. Since there were no patches released for February, in one way, a massive update was expected this month. We also liked the fact that Microsoft kept the older way of clubbing KB articles and patches in security bulletins which, in our opinion, is easy to read and provides better overall picture. But the Microsoft blog here, allude that sometime in the future Microsoft will stop publishing security bulletins.
The highest priority overall goes to the Windows GDI bulletin MS17-013 which could allow remote c
http://www.securityfocus.com/bid/96695http://www.securitytracker.com/id/1038001https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0057http://www.securityfocus.com/bid/96695http://www.securitytracker.com/id/1038001https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0057
2017-03-17
Published