Summary
This host is missing a critical security update according to Microsoft Bulletin MS09-008.
Impact
Successful exploitation could allow attacker to execute specially crafted DNS queries to poison the DNS cache and can redirect traffic by registering WPAD or ISATP in the WINS database pointing to any desired IP address.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms09-008.mspx
Insight
- Error in the Windows DNS server may cause it to not properly reuse cached responses.
- Error in the Windows DNS server may cause it to not properly cache responses to specifially crafted DNS queries.
- Failure in access validation to restrict access when defining WPAD and ISATAP entries.
Affected
Microsoft Windows 2K Server Service Pack 4 and prior.
Microsoft Windows 2003 Server Service Pack 2 and prior.
Microsoft Windows Server 2008 Service Pack 1 and prior.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-0093, CVE-2009-0094, CVE-2009-0233, CVE-2009-0234 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P
Related Vulnerabilities
- Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
- ASP.NET MVC Security Feature Bypass Vulnerability (2990942)
- Microsoft Groove Server HTML Sanitisation Component XSS Vulnerability (2821818)
- Microsoft Office Security Feature Bypass Vulnerability (2961033)
- Microsoft .NET Framework Security Bypass Vulnerability (2984625)