Описание
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution
FAQ
How could an attacker exploit this vulnerability?
An attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution.
What is Windows iSNS?
The Internet Storage Name Service (iSNS) protocol is used for interaction between iSNS servers and iSNS clients. iSNS manages an Internet Storage Name Service (iSNS) server, providing a registration function to allow all entities in a storage network to register and query the iSNS database.
Is Windows iSNS installed by default?
No. See iSNS Server Overview for more information about iSNS.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2008 for 32-bit Systems Service Pack 2 | ||
| Windows Server 2008 for x64-based Systems Service Pack 2 | ||
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | ||
| Windows 7 for 32-bit Systems Service Pack 1 | ||
| Windows 7 for x64-based Systems Service Pack 1 | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | ||
| Windows Server 2012 | ||
| Windows Server 2012 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution
Уязвимость службы имён хранилищ Интернета Internet Storage Name Service (iSNS) операционной системы Microsoft Windows, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3