Summary
This host is missing a critical security update according to Microsoft Bulletin MS09-008.
Impact
Successful exploitation could allow attacker to execute specially crafted DNS queries to poison the DNS cache and can redirect traffic by registering WPAD or ISATP in the WINS database pointing to any desired IP address.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms09-008.mspx
Insight
- Error in the Windows DNS server may cause it to not properly reuse cached responses.
- Error in the Windows DNS server may cause it to not properly cache responses to specifially crafted DNS queries.
- Failure in access validation to restrict access when defining WPAD and ISATAP entries.
Affected
Microsoft Windows 2K Server Service Pack 4 and prior.
Microsoft Windows 2003 Server Service Pack 2 and prior.
Microsoft Windows Server 2008 Service Pack 1 and prior.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-0093, CVE-2009-0094, CVE-2009-0233, CVE-2009-0234 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P
Related Vulnerabilities
- Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability (2821818)
- Active Directory Certificate Services Web Enrollment Elevation of Privilege Vulnerability (2518295)
- Microsoft Window Audio Service Privilege Escalation Vulnerability (3005607)
- Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)
- Microsoft ISA Server DNS - Denial Of Service (MS03-009)