MS11-042: Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
High Nessus Plugin ID 55122
SynopsisA distributed file system on the remote Windows host has multiple vulnerabilities.
DescriptionThe Distributed File System (DFS) implementation running on the remote Windows host has the following vulnerabilities:
- The DFS client does not parse specially crafted DFS responses correctly, which could allow a remote, unauthenticated attacker to execute arbitrary code.
- The system does not properly handle specially crafted DFS referral responses, which could allow an unauthenticated, remote attacker to cause a denial of service. (CVE-2011-1869)
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.