CVE-2007-3898

Description

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

Related CPE's

omicrosoftwindows_2003_server*gold******

omicrosoftwindows_2000*sp4srv*****

omicrosoftwindows_2000*golddatacenter_srv*****

omicrosoftwindows_2000*gold******

omicrosoftwindows_2003_server*sp2x64*****

omicrosoftwindows_2000*sp1datacenter_srv*****

omicrosoftwindows_2003_server*goldstd*****

omicrosoftwindows_2003_server*goldx64-std*****

omicrosoftwindows_2000*sp2adv_srv*****

omicrosoftwindows_2000*sp4******

References

http://www.trusteer.com/docs/windowsdns.html

VU#484649

US Government Resource

25919

ExploitPatch

1018942

27584

PatchVendor Advisory

http://www.scanit.be/advisory-2007-11-14.html

TA07-317A

US Government Resource

3373

ADV-2007-3848

win-dns-spoof-information-disclosure(36805)

oval:org.mitre.oval:def:4395

MS07-062

HPSBST02291

20071114 Predictable DNS transaction IDs in Microsoft DNS Server

20071113 After 6 months - fix available for Microsoft DNS cache poisoning attack

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:P/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

PARTIAL

AvailabilityImpact

PARTIAL

BaseScore

6.400000095367432

Created by Yello
About Severity.io