Vigil@nce - Windows: denial of service via NFS
February 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When the NFS service is enabled on Windows, an attacker can use a
malicious query, in order to trigger a denial of service.
Impacted products: Windows 2008, Microsoft Windows 2012
Severity: 2/4
Creation date: 12/02/2013
DESCRIPTION OF THE VULNERABILITY
The NFS (Network File System) service is used to share files in a
Unix environment.
However, this service does not correctly process a read operation
on a file, and dereferences a NULL pointer.
When the NFS service is enabled on Windows, an attacker can
therefore use a malicious query, in order to trigger a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-denial-of-service-via-NFS-12413