MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.

Synopsis :

The DNS server running on the remote host is vulnerable to DNS spoofing

Description :

According to its self-reported version number, the Microsoft DNS Server
running on the remote host contains an issue with the entropy of
transaction IDs that could allow an attacker to spoof DNS responses. By
exploiting this issue, an attacker may be able to redirect legitimate
traffic from other systems that could allow him to construct more
complex attacks.

See also :

Solution :

Microsoft has released patches for Windows 2000 and 2003 Server.

Risk factor :

Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 5.3
Public Exploit Available : true

Family: DNS

Nessus Plugin ID: 72833 ()

Bugtraq ID: 25919

CVE ID: CVE-2007-3898

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now