CVE-2014-0255

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows Server 2012 Gold and R2

Description A denial of service issue exists in the Windows operating system related to the processing of iSCSI packets. Successful exploitation of this issue could allow an attacker to cause a service outage. This can be achieved by sending many crafted packets to the iSCSI service.

Recommendations For Microsoft Windows Server 2008 SP2 and R2 SP1, consider restricting access to the iSCSI service to minimize the risk of exploitation. For Microsoft Windows Server 2012 Gold and R2, consider implementing network traffic filtering to limit the impact of crafted packets on the iSCSI service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.