Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote malicious users to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 2003 server sp1 |
||
microsoft windows xp |
||
microsoft windows 2000 |
||
microsoft windows 2003 server 64-bit |