[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Microsoft: Vulnerability in DNS Could Allow Spoofing

To: namedroppers@ops.ietf.org
Subject: Microsoft: Vulnerability in DNS Could Allow Spoofing
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Date: Thu, 15 Nov 2007 13:00:30 -0200
User-agent: Mutt/1.5.15+20070412 (2007-04-11)

Relevant for the discussion about
draft-ietf-dnsext-forgery-resilience. See also
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3898

Microsoft Security Bulletin MS07-062

  - Affected Software:
    - Microsoft Windows 2000 Server Service Pack 4
    - Windows Server 2003 Service Pack 1
    - Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition
    - Windows Server 2003 x64 Edition Service Pack 2
    - Windows Server 2003 with SP1 for Itanium-based Systems
    - Windows Server 2003 with SP2 for Itanium-based Systems

    - Impact: Spoofing
    - Version Number: 1.0

- - From Microsoft Security Bulletin MS07-062:

Vulnerability Details

DNS Spoofing Attack Vulnerability  CVE-2007-3898

A spoofing vulnerability exists in Windows DNS Servers. The vulnerability
could allow non-privileged users to send malicious responses to DNS
requests, thereby spoofing or redirecting Internet traffic from legitimate
locations.

Mitigating Factors for DNS Spoofing Attack Vulnerability  CVE-2007-3898

Mitigation refers to a setting, common configuration, or general
best-practice, existing in a default state, that could reduce the severity
of exploitation of a vulnerability. Microsoft has not identified any
mitigations for this vulnerability.  Top of sectionTop of section

Workarounds for DNS Spoofing Attack Vulnerability  CVE-2007-3898

Workaround refers to a setting or configuration change that does not
correct the underlying vulnerability but would help block known attack
vectors before you apply the update. Microsoft has not identified any
workarounds for this vulnerability.

FAQ for DNS Spoofing Attack Vulnerability  CVE-2007-3898

What is the scope of the vulnerability?

A spoofing vulnerability exists in Windows DNS Severs. An attacker who
successfully exploited this vulnerability could impersonate a legitimate
address.

What causes the vulnerability?

The Windows DNS Server service doesnt provide enough entropy in its random
choice of transaction values when it sends out queries to upstream DNS
servers.

What might an attacker use the vulnerability to do?

An attacker who successfully exploited this vulnerability could gain
information about the DNS servers transaction IDs, and use that information
to send malicious responses to DNS requests, thus redirecting Internet
traffic from legitimate locations to an address of the attackers choice.

How could an attacker exploit the vulnerability?

An attacker who successfully exploited this vulnerability could respond
to a DNS query with false or misleading information, thereby redirecting
Internet traffic from legitimate locations.

Could the vulnerability be exploited over the Internet?

Yes, an attacker could exploit this vulnerability over the Internet by
sending specific responses to an Internet-facing DNS server that is
performing recursive lookups.

What systems are primarily at risk from the vulnerability?

This vulnerability applies to Windows DNS servers that perform recursive
lookups.


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Prev by Date: Re: draft-ietf-dnsext-forgery-resilience-01.txt
Next by Date: I-D ACTION:draft-ietf-dnsext-rfc2672bis-dname-06.txt
Previous by thread: draft-ietf-dnsext-forgery-resilience-01.txt
Next by thread: I-D ACTION:draft-ietf-dnsext-rfc2672bis-dname-06.txt
Index(es):
- Date
- Thread