| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS14-028 | Vulnerabilities in iSCSI Could Allow Denial of Service (2962485) | Windows Server | Important | 14-05-2014 |
Technical Information
Brief overview of the risk:
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow denial of service if an attacker sends large amounts of specially crafted iSCSI packets over the target network. This vulnerability only affects servers for which the iSCSI target role has been enabled.
Detailed Information on the risk:
A denial of service vulnerability exists in the way that affected operating systems handle iSCSI packets. An attacker who successfully exploited the vulnerability could cause the affected service or services to stop responding.
Further information on this exploit is available at : MS14-028
Affected Software
Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)