MS08-020: Vulnerability in DNS Client Could Allow Spoofing (945553)

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

The remote host is vulnerable to DNS spoofing.

Description :

There is a flaw in the remote DNS client that could let an attacker
send malicious DNS responses to DNS requests made by the remote host,
thereby spoofing or redirecting internet traffic from legitimate
locations.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms08-020

Solution :

Microsoft has released patches for Windows 2000, XP, 2003 Server and
Vista.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 31793 ()

Bugtraq ID: 28553

CVE ID: CVE-2008-0087