MS16-071: Security Update for Microsoft Windows DNS Server (3164065)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a remote code execution vulnerability.

Description :

The remote Windows host is affected by a remote code execution
vulnerability in the Windows Domain Name System (DNS) server due to
improper handling of DNS requests. An unauthenticated, remote attacker
can exploit this, via specially crafted DNS requests, to execute
arbitrary code in the context of the Local System Account.

See also :

https://technet.microsoft.com/library/security/MS16-071

Solution :

Microsoft has released a set of patches for Windows 2012 and 2012 R2.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 91599 ()

Bugtraq ID: 91117

CVE ID: CVE-2016-3227

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now