
Microsoft Windows DNS and WINS Server Could Allow Spoofing Vulnerabilities (11 March 2009)

Last Update Date: 28 Jan 2011 Release Date: 11 Mar 2009

RISK: Medium Risk

1. DNS Server Query Validation Vulnerability

A spoofing vulnerability exists in Windows DNS server. This vulnerability could allow a remote unauthenticated attacker to quickly and reliably spoof responses and insert records into the DNS server's cache, thereby redirecting Internet traffic.

2. DNS Server Response Validation Vulnerability

A response validation vulnerability exists in Windows DNS Server. The vulnerability could allow an unauthenticated remote attacker to send specially crafted queries to a DNS server so as to allow greater predictability of transaction IDs used by the DNS server and thus to redirect Internet traffic from legitimate locations.

3. DNS Server Vulnerability in WPAD Registration Vulnerability

A man-in-the-middle attack vulnerability exists in Windows DNS servers where dynamic update is used and ISATAP and WPAD are not already registered in DNS. This vulnerability could allow a remote authenticated attacker to spoof a web proxy and thereby redirect Internet traffic to an address of the attacker's choice.

4. WPAD WINS Server Registration Vulnerability

A man-in-the-middle attack vulnerability exists in Windows WINS servers. This vulnerability could allow a remote authenticated attacker to spoof a web proxy and thereby redirect Internet traffic to an address of the attacker's choice.


Impact

  • Spoofing

System / Technologies affected

  • Microsoft Windows 2000 Server Service Pack 4
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows Server 2003 SP1 (Itanium)
  • Microsoft Windows Server 2003 SP2 (Itanium)
  • Microsoft Windows Server 2008 (32-bit)
  • Microsoft Windows Server 2008 (x64)

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

Download locations for this patch

DNS Server


Vulnerability Identifier


Source


Related Link