SynopsisThe DNS server running on the remote host is vulnerable to DNS spoofing attacks.
DescriptionAccording to its self-reported version number, the Microsoft DNS Server running on the remote host has the following vulnerabilities :
- An issue exists in installations where dynamic updates are enabled and ISATAP and WPAD are not already registered in DNS due to the lack of restricting registration on the 'wpad' hostname. A remote, authenticated attacker can exploit this issue to perform a man-in-the-middle attack. (CVE-2009-0093)
- An issue exists that allows a remote, unauthenticated attacker to quickly and reliably spoof responses and insert records into the DNS server's cache.
- An issue exists in the DNS Resolver Cache Service due to improper caching of DNS responses that could allow a remote, unauthenticated attacker to predict transaction IDs and poison caches by sending many crafted DNS queries. (CVE-2009-0234)
These issues may allow remote attackers to redirect network traffic intended for systems on the Internet to the attacker's own systems.
SolutionMicrosoft has released a set of patches for Windows 2000, 2003 and 2008.