CVE-2008-1454

Severity

94%

Complexity

99%

Confidentiality

153%

Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.

Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.

CVSS 2.0 Base Score 9.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:C/A:C).

Overview

First reported 16 years ago

2008-07-08 23:41:00

Last updated 5 years ago

2019-02-26 14:04:00

Affected Software

Microsoft Windows 2000 Service Pack 4

Microsoft Windows Server 2003 Service Pack 2

Windows Server 2008 for 32-bit Systems

Microsoft Windows Server 2008 x64 (64-bit) (intial release)

Microsoft Windows XP Service Pack 2

References

30925

Vendor Advisory

30132

Patch

1020437

TA08-190A

US Government Resource

ADV-2008-2019

Vendor Advisory

MS08-037

oval:org.mitre.oval:def:5380

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.