CVE-2007-3898 - Configuration vulnerability in Microsoft products

CVSS 6.4 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: PARTIAL
Availability impact: PARTIAL
Tags: network, low complexity, microsoft, CWE-16, nessus, exploit available

Summary

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

Vulnerable Configurations

Part | Description | Count
OS | Microsoft | 34

Common Weakness Enumeration (CWE)

Exploit-Db

  • description: Microsoft Windows 2000/2003 Recursive DNS Spoofing Vulnerability (1). CVE-2007-3898. Remote exploit for windows platform
    id: EDB-ID:30635
    last seen: 2016-02-03
    modified: 2007-11-13
    published: 2007-11-13
    reporter: Alla Berzroutchko
    source: https://www.exploit-db.com/download/30635/
    title: Microsoft Windows 2000/2003 Recursive DNS Spoofing Vulnerability 1
  • description: Microsoft Windows 2000/2003 Recursive DNS Spoofing Vulnerability (2). CVE-2007-3898. Remote exploit for windows platform
    id: EDB-ID:30636
    last seen: 2016-02-03
    modified: 2007-11-13
    published: 2007-11-13
    reporter: Alla Berzroutchko
    source: https://www.exploit-db.com/download/30636/
    title: Microsoft Windows 2000/2003 Recursive DNS Spoofing Vulnerability 2

Nessus

  • NASL family: DNS
    NASL id: MS_DNS_KB941672.NASL
    description: According to its self-reported version number, the Microsoft DNS Server running on the remote host contains an issue with the entropy of transaction IDs that could allow an attacker to spoof DNS responses. By exploiting this issue, an attacker may be able to redirect legitimate traffic from other systems that could allow him to construct more complex attacks.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 72833
    published: 2014-03-05
    reporter: This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/72833
    title: MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) (uncredentialed check)
  • NASL family: Windows : Microsoft Bulletins
    NASL id: SMB_NT_MS07-062.NASL
    description: The remote host has the Windows DNS server installed. There is a flaw in the remote version of this server that could allow an attacker to spoof DNS responses. By exploiting this flaw, an attacker may be able to redirect legitimate traffic from other systems that could allow him to construct more complex attacks.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 28184
    published: 2007-11-13
    reporter: This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/28184
    title: MS07-062: Vulnerability in DNS Could Allow Spoofing (941672)

Oval

accepted: 2011-05-09T04:01:33.416-04:00
class: vulnerability
contributors:
  • name: Robert L. Hollis
    organization: ThreatGuard, Inc.
  • name: Jeff Cheng
    organization: Hewlett-Packard
  • name: Shane Shaffer
    organization: G2, Inc.
definition_extensions:
  • comment: Microsoft Windows 2000 SP4 or later is installed
    oval: oval:org.mitre.oval:def:229
  • comment: Microsoft Windows Server 2003 SP1 (x86) is installed
    oval: oval:org.mitre.oval:def:565
  • comment: Microsoft Windows Server 2003 SP2 (x86) is installed
    oval: oval:org.mitre.oval:def:1935
description: The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.
family: windows
id: oval:org.mitre.oval:def:4395
status: accepted
submitted: 2007-11-16T05:29:38
title: Vulnerability in DNS Could Allow Spoofing
version: 71

Seebug

bulletinFamily: exploit
description: BUGTRAQ ID: 25919. CVE(CAN) ID: CVE-2007-3898. Microsoft Windows is a very popular operating system released by Microsoft. The Windows DNS server implementation contains a vulnerability that a remote attacker may exploit to cause DNS spoofing. When sending requests to upstream DNS servers, the Windows DNS service (dns.exe) uses predictable transaction IDs, which allows an attacker to carry out DNS cache poisoning attacks. When the DNS server performs recursive queries, an attacker can use specially crafted DNS responses to spoof or to redirect Internet traffic away from legitimate locations. Microsoft Windows Server 2003 x64 Edition; Microsoft Windows Server 2003 SP2; Microsoft Windows Server 2003 SP1; Microsoft Windows 2000 Server SP4. Microsoft: Microsoft has released a security bulletin (MS07-062) and corresponding patches for this issue: MS07-062: Vulnerability in DNS Could Allow Spoofing (941672). Link: http://www.microsoft.com/technet/security/bulletin/MS07-062.asp
id: SSV:2422
last seen: 2017-11-19
modified: 2007-11-15
published: 2007-11-15
reporter: Root
source: https://www.seebug.org/vuldb/ssvid-2422
title: Microsoft Windows Recursive DNS Spoofing Vulnerability (MS07-062)