PT-2011-3430 · Microsoft · Windows Vista+6
Laurent Gaffiã©
·
Published
2011-06-16
·
Updated
2023-12-07
·
CVE-2011-1869
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows XP versions SP2 and SP3
Microsoft Windows Server 2003 version SP2
Microsoft Windows Vista versions SP1 and SP2
Microsoft Windows Server 2008 versions Gold, SP2, R2, and R2 SP1
Microsoft Windows 7 versions Gold and SP1
Description
A denial of service issue exists in the Microsoft Distributed File System (DFS) implementation, allowing remote DFS servers to cause a system hang via a crafted referral response. This can be exploited by sending a specially crafted network message to a computer running the Server service, and it does not require authentication.
Recommendations
For Microsoft Windows XP versions SP2 and SP3, update to a newer version to mitigate the risk.
For Microsoft Windows Server 2003 version SP2, update to a newer version to mitigate the risk.
For Microsoft Windows Vista versions SP1 and SP2, update to a newer version to mitigate the risk.
For Microsoft Windows Server 2008 versions Gold, SP2, R2, and R2 SP1, update to a newer version to mitigate the risk.
For Microsoft Windows 7 versions Gold and SP1, update to a newer version to mitigate the risk.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Distributed File System
Windows
Windows 7
Windows Server 2003
Windows Server 2008
Windows Vista
Windows Xp