This script is Copyright (C) 2014 Tenable Network Security, Inc.
The DNS server running on the remote host is vulnerable to DNS spoofing
According to its self-reported version number, the Microsoft DNS Server
running on the remote host has the following vulnerabilities :
- An issue exists in installations where dynamic updates
are enabled and ISATAP and WPAD are not already
registered in DNS due to the lack of restricting
registration on the 'wpad' hostname. A remote,
authenticated attacker can exploit this issue to
perform a man-in-the-middle attack. (CVE-2009-0093)
- An issue exists that allows a remote, unauthenticated
attacker to quickly and reliably spoof responses and
insert records into the DNS server's cache.
- An issue exists in the DNS Resolver Cache Service due
to improper caching of DNS responses that could allow
a remote, unauthenticated attacker to predict
transaction IDs and poison caches by sending many
crafted DNS queries. (CVE-2009-0234)
These issues may allow remote attackers to redirect network traffic
intended for systems on the Internet to the attacker's own systems.
See also :
Microsoft has released a set of patches for Windows 2000, 2003 and
Risk factor :
Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 4.7
Public Exploit Available : false
Nessus Plugin ID: 72835 ()
Bugtraq ID: 339823398833989
CVE ID: CVE-2009-0093CVE-2009-0233CVE-2009-0234
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.