Microsoft Windows Multiple DNS Spoofing Vulnerabilities( 09 July 2008 )

Last Update Date: 28 Jan 2011 Release Date: 9 Jul 2008 5086 Views

RISK: Medium Risk

Medium Risk

1. DNS Insufficient Socket Entropy Vulnerability

A spoofing vulnerability exists in Windows DNS client and Windows DNS server. This vulnerability could allow a remote unauthenticated attacker to quickly and reliably spoof responses and insert records into the DNS server or client cache, thereby redirecting Internet traffic.

2. DNS Cache Poisoning Vulnerability

A cache poisoning vulnerability exists in Windows DNS Server. The vulnerability could allow an unauthenticated remote attacker to send specially crafted responses to DNS requests made by vulnerable systems, thereby poisoning the DNS cache and redirecting Internet traffic from legitimate locations.

Impact

  • Spoofing

System / Technologies affected

  • Microsoft Windows 2000
  • Windows XP
  • Windows Server 2003

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch

Vulnerability Identifier

Source

Related Link

Share with

Previous

Multiple DNS Implementations Cache Poisoning Vulnerabilities

9 Jul 2008 5687 Views

Next

Microsoft Office Word Document Handling Code Execution Vulnerability

10 Jul 2008 5098 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY