Trend Micro Security

Microsoft Windows DNS Client Buffer Overrun Vulnerability

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2006-3441

  概要

Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1000862
  Trend Micro Deep Security DPI Rule Name: 1000862 - Microsoft Windows DNS Client Buffer Overrun Vulnerability

  影響を受けるソフトウェア

  • Microsoft Windows 2000 SP4
  • Microsoft Windows Server 2003 64-bit
  • Microsoft Windows Server 2003 SP1
  • Microsoft Windows Server 2003 SP1 Itanium
  • Microsoft Windows XP Professional 64-bit
  • Microsoft Windows XP SP1
  • Microsoft Windows XP SP2