Vulners
Lucene search
Windows vulnerability in DNS Client Could Allow Spoofing (945553)
🗓️ 03 Sep 2008 00:00:00Reported by Copyright (C) 2008 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 31 Views
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | Preemptive Protection against Microsoft Windows DNS Client Spoofing Vulnerability (MS08-020) | 8 Apr 200800:00 | – | checkpoint_advisories |
| Security Best Practice: Protect Yourself against DNS Cache Poisoning | 16 Aug 200700:00 | – | checkpoint_advisories |
 | CVE-2008-0087 | 8 Apr 200823:00 | – | cve |
 | CVE-2008-0087 | 8 Apr 200823:00 | – | cvelist |
 | CVE-2008-0087 | 8 Apr 200823:05 | – | nvd |
| Microsoft Windows DNS Client Service Response Spoofing Vulnerability (945553) | 10 Jan 201100:00 | – | openvas |
| Microsoft Windows DNS Client Spoofing Vulnerability (MS08-020, 945553) | 3 Sep 200800:00 | – | openvas |
| Microsoft Windows DNS Client Service Response Spoofing Vulnerability (945553) | 10 Jan 201100:00 | – | openvas |
 | Code injection | 8 Apr 200823:05 | – | prion |
 | PT-2008-1742 · Microsoft · Windows Server 2003 +4 | 8 Apr 200800:00 | – | ptsecurity |
10
| Source | Link |
|---|---|
| microsoft | www.microsoft.com/technet/security/bulletin/ms08-020.mspx |
# OpenVAS Vulnerability Test
# $Id: win_CVE-2008-0087.nasl 5661 2017-03-21 11:39:13Z cfi $
# Description: Windows vulnerability in DNS Client Could Allow Spoofing (945553)
#
# Authors:
# Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de>
# Modified to Implement 'smb_nt.inc'
# - By Sharath S <[email protected]> On 2009-09-21
#
# Copyright:
# Copyright (C) 2008 Greenbone Networks GmbH
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
tag_impact = "The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2,
and Vista uses predictable DNS transaction IDs, which allows remote attackers
to spoof DNS responses.";
tag_summary = "The remote host is probably affected by the vulnerability described in
CVE-2008-0087";
tag_solution = "All Users should upgrade to the latest version.";
# $Revision: 5661 $
if(description)
{
script_id(90020);
script_version("$Revision: 5661 $");
script_tag(name:"last_modification", value:"$Date: 2017-03-21 12:39:13 +0100 (Tue, 21 Mar 2017) $");
script_tag(name:"creation_date", value:"2008-09-03 22:30:27 +0200 (Wed, 03 Sep 2008)");
script_tag(name:"cvss_base", value:"8.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:C/A:C");
script_cve_id("CVE-2008-0087");
script_bugtraq_id(28553);
script_name("Windows vulnerability in DNS Client Could Allow Spoofing (945553)");
script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/bulletin/ms08-020.mspx");
script_category(ACT_GATHER_INFO);
script_tag(name:"qod_type", value:"executable_version");
script_copyright("Copyright (C) 2008 Greenbone Networks GmbH");
script_family("Windows : Microsoft Bulletins");
script_dependencies("secpod_reg_enum.nasl");
script_mandatory_keys("SMB/WindowsVersion");
script_require_ports(139, 445);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "impact" , value : tag_impact);
exit(0);
}
include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");
if(hotfix_check_sp(xp:3, win2k:5, win2003:3) <= 0){
exit(0);
}
# MS08-020 Hotfix check
if(hotfix_missing(name:"945553") == 0){
exit(0);
}
dllPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup",
item:"Install Path");
if(!dllPath){
exit(0);
}
share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:dllPath);
file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1",
string:dllPath + "\Dnsapi.dll");
dllVer = GetVer(file:file, share:share);
if(!dllVer){
exit(0);
}
# Windows 2K
if(hotfix_check_sp(win2k:5) > 0)
{
# Grep for Dnsapi.dll version < 5.0.2195.7151
if(version_is_less(version:dllVer, test_version:"5.0.2195.7151")){
security_message(0);
}
}
# Windows XP
else if(hotfix_check_sp(xp:3) > 0)
{
# Grep for Dnsapi.dll < 5.1.2600.3316
if(version_is_less(version:dllVer, test_version:"5.1.2600.3316")){
security_message(0);
}
}
# Windows 2003
else if(hotfix_check_sp(win2003:3) > 0)
{
SP = get_kb_item("SMB/Win2003/ServicePack");
if("Service Pack 2" >< SP)
{
# Grep for Dnsapi.dll version < 5.2.3790.4238
if(version_is_less(version:dllVer, test_version:"5.2.3790.4238")){
security_message(0);
}
exit(0);
}
if("Service Pack 1" >< SP)
{
# Grep for Dnsapi.dll version < 5.2.3790.3092
if(version_is_less(version:dllVer, test_version:"5.2.3790.3092")){
security_message(0);
}
exit(0);
}
security_message(0);
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Mar 2017 00:00Current
0.1Low risk
Vulners AI Score0.1
EPSS0.55738