CVE-2007-3898

Severity

64%

Complexity

99%

Confidentiality

81%

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

CVSS 2.0 Base Score 6.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P).

Overview

Type

Microsoft

First reported 17 years ago

2007-11-14 01:46:00

Last updated 6 years ago

2018-10-15 21:32:00

Affected Software

Microsoft windows 2000_gold

Microsoft windows 2000_sp1

Microsoft windows 2000_sp2

Microsoft windows 2000_sp3

Microsoft Windows 2000 Service Pack 4

Microsoft windows 2003_gold

Microsoft windows 2003_gold datacenter

Microsoft windows 2003_gold enterprise

Microsoft Windows 2003 gold itanium

Microsoft Windows 2003 Server Gold x64 (64-bit)

Microsoft Windows 2003 Server Gold x64 (64-bit) Datacenter Edition

Microsoft Windows 2003 Server Gold x64 (64-bit) Enterprise Edition

Microsoft Windows 2003 Server Service Pack 1

Microsoft windows 2003_sp1 datacenter

Microsoft windows 2003_sp1 enterprise

Microsoft Windows 2003 Server Service Pack 2

Microsoft windows 2003_sp2 datacenter

Microsoft windows 2003_sp2 enterprise

Microsoft Windows 2003 Server Service Pack 2 Itanium

Microsoft Windows 2003 Server Service Pack 2 x64 (64-bit)

References

27584

Patch, Vendor Advisory

3373

VU#484649

US Government Resource

http://www.scanit.be/advisory-2007-11-14.html

20071113 After 6 months - fix available for Microsoft DNS cache poisoning attack

20071114 Predictable DNS transaction IDs in Microsoft DNS Server

HPSBST02291

25919

Exploit, Patch

1018942

http://www.trusteer.com/docs/windowsdns.html

TA07-317A

US Government Resource

ADV-2007-3848

MS07-062

win-dns-spoof-information-disclosure(36805)

oval:org.mitre.oval:def:4395

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.