Windows DNS是基础网络组件,通常安装在域控制器上,因此,本次DNS Server远程代码执行漏洞(CVE-2020-1350),可能导致严重的服务中断或获取高级域帐户。该漏洞源于Microsoft DNS服务器角色实现中的缺陷引起的,不是协议级缺陷,故不会影响任何其他非Microsoft DNS服务器或Windows DNS客户端。 未经身份验证的攻击者可以通过给Windows DNS服务器发送恶意请求来利用此漏洞,成功利用此漏洞的攻击者,能够以本地系统账户的身份执行任意代码。 CVSS评分10,官方将此漏洞归类为可蠕虫攻击漏洞,可能通过恶意软件在易受攻击的计算机之间传播,无需用户干预。 CVE编号.
Source link
【安全通报】Windows DNS Server远程代码执行漏洞
RELATED STORIES
Description: IBM Planning Analytics 2.0 could allow a remote authenticated attacker to obtain information about...
Los investigadores de Google Project Zero revelaron el hallazgo de una vulnerabilidad presente en los...
CVE ID Not Found. A vulnerability has been identified, and possibly a CVE has been...
Experts Discuss How #COVID19 Impacted the Cyber-Threat LandscapeThe impact of COVID-19 on the cyber-threat landscape...
Canadian privacy experts are concerned the federal government’s plan to develop an online passport application...
The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a...
‘Tis the season of giving! How have you given back to the open-source community? No...
An update that fixes two vulnerabilities is now available. openSUSE Security Update: Security update for...
Details A large number of security issues were discovered in the WebKitGTK Web andJavaScript engines....
Written by Shannon Vavra Feb 17, 2021 | CYBERSCOOP An error in a popular video...
You must be logged in to post a comment.