Technical Description

Two vulnerabilities have been identified in Microsoft Windows, which could be exploited to conduct spoofing and cache poisoning attacks.

The first issue is caused by an error in the Windows DNS service within the Windows DNS client and DNS server does not provide enough entropy when performing DNS queries, which could allow an attacker to insert arbitrary addresses into the DNS cache and redirect Internet traffic from legitimate locations to a malicious address.

The second vulnerability is caused by an error in the DNS server that accepts records from a response that is outside the remote server's authority, which could allow attackers to insert false or misleading DNS data in the response to specific DNS requests, thereby redirecting Internet traffic.

Affected Products

Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 SP2 (Itanium)
Microsoft Windows Server 2008 (32-bit)
Microsoft Windows Server 2008 (x64)

Solution

Apply patches :
http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

References

http://www.vupen.com/english/advisories/2008/2019
http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

Credits

Vulnerabilities reported by Dan Kaminsky (IOActive).

ChangeLog

2008-07-08 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.