Skip to main content

Microsoft Windows DNS and WINS Server Could Allow Spoofing Vulnerabilities ( 11 March 2009 )

Last Update Date: 28 Jan 2011 Release Date: 11 Mar 2009 4162 Views

RISK: Medium Risk

1. DNS Server Query Validation Vulnerability

A spoofing vulnerability exists in Windows DNS server. This vulnerability could allow a remote unauthenticated attacker to quickly and reliably spoof responses and insert records into the DNS server's cache, thereby redirecting Internet traffic.

2. DNS Server Response Validation Vulnerability

A response validation vulnerability exists in Windows DNS Server. The vulnerability could allow an unauthenticated remote attacker to send specially crafted queries to a DNS server so as to allow greater predictability of transaction IDs used by the DNS server and thus to redirect Internet traffic from legitimate locations.

3. DNS Server Vulnerability in WPAD Registration Vulnerability

A man-in-the-middle attack vulnerability exists in Windows DNS servers where dynamic update is used and ISATAP and WPAD are not already registered in DNS. This vulnerability could allow a remote authenticated attacker to spoof a web proxy thereby redirect Internet traffic to an address of the attacker¡¦s choice.

4. WPAD WINS Server Registration Vulnerability

A man-in-the-middle attack vulnerability exists in Windows WINS servers. This vulnerability could allow a remote authenticated attacker to spoof a web proxy and thereby redirect Internet traffic to an address of the attacker¡¦s choice.


Impact

  • Spoofing

System / Technologies affected

  • Microsoft Windows 2000 Server Service Pack 4
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows Server 2003 SP1 (Itanium)
  • Microsoft Windows Server 2003 SP2 (Itanium)
  • Microsoft Windows Server 2008 (32-bit)
  • Microsoft Windows Server 2008 (x64)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch

DNS Server


Vulnerability Identifier


Source


Related Link