Windows Vulnerability In DNS Client Could Allow Spoofing (945553) Network Vulnerability

Summary

The remote host is probably affected by the vulnerability described in CVE-2008-0087

Impact

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

Solution

All Users should upgrade to the latest version.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0087
http://www.microsoft.com/technet/security/bulletin/ms08-020.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-0087

CVSS	Base Score: 8.8 AV:N/AC:M/Au:N/C:N/I:C/A:C

Related Vulnerabilities

Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)
Microsoft Data Analyzer ActiveX Control Vulnerability (978262)
Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability (2387149)

Windows vulnerability in DNS Client Could Allow Spoofing (945553)

Take action and discover your vulnerabilities