Content
(MS08-037) Microsoft DNS Cache Poisoning Vulnerability (953230)
- Type
- Logic error
- Impact of exploitation
- Spoofing
- User Interaction
- no user interaction is needed
- Attack Vector
- Malicious remote network traffic
- Rating
- High
- CVE reference
- CVE-2008-1454 ,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows 2000 SP4,
- Windows 2003 SP2,
- Summary
- A vulnerability in Windows DNS server may allow for spoofing attacks.
Tab Navigation
Description
Windows DNS server is a DNS server implementation for Microsoft operating systems. A vulnerability in Windows DNS server may allow for spoofing attacks. A remote, unauthenticated attacker could send specially crafted responses to DNS requests of vulnerable systems. These malicious responses would poison the DNS cache and allow the attacker to spoof Internet sites.
McAfee Product Mitigation & Recommendations
Recommendations
Download and install the patch available from Microsoft (953230): http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-037) Microsoft DNS Cache Poisoning Vulnerability (953230)
- Signature identifier:
- 5987
- Release date:
- 7/8/2008
Additional Resources
Microsoft Security Bulletin: Vulnerabilities in DNS Could Allow Spoofing (953230)
http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx
All Information
Timeline -
7/8/2008
Vendor has provided a patch.
Description -
Windows DNS server is a DNS server implementation for Microsoft operating systems. A vulnerability in Windows DNS server may allow for spoofing attacks. A remote, unauthenticated attacker could send specially crafted responses to DNS requests of vulnerable systems. These malicious responses would poison the DNS cache and allow the attacker to spoof Internet sites.
McAfee Product Mitigation & Recommendations
Recommendations -
Download and install the patch available from Microsoft (953230): http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-037) Microsoft DNS Cache Poisoning Vulnerability (953230)
- Signature identifier:
- 5987
- Release date:
- 7/8/2008
Additional Resources
Additional Resources -
Microsoft Security Bulletin: Vulnerabilities in DNS Could Allow Spoofing (953230)
http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx
