Lucene search
K

3 matches found

seebug.org
seebug.org
added 2009/03/12 12:0 a.m.52 views

Microsoft Windows DNS/WINS服务器多个欺骗漏洞(MS09-008)

BUGTRAQ ID: 34013,33982,33988,33989 CVECAN ID: CVE-2009-0093,CVE-2009-0094,CVE-2009-0233,CVE-2009-0234 Microsoft Windows是微软发布的非常流行的操作系统。 Windows DNS服务器和WINS服务器存在多个漏洞,可能会允许远程攻击者将Internet上发送给系统的网络通信重定向至攻击者自己的系统。 1 Windows DNS服务器没有正确地重新使用缓存的响应,特制的DNS查询可以向DNS缓存投毒,重新定向网络通讯。 2 Windows...

6.4CVSS6.6AI score0.34442EPSS
Exploits1
NVD
NVD
added 2009/03/11 2:19 p.m.24 views

CVE-2009-0093

Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery WPAD feature, and conduct...

3.5CVSS6AI score0.1702EPSS
Exploits1References11
Check Point Advisories
Check Point Advisories
added 2009/03/10 12:0 a.m.19 views

Microsoft DNS Server WPAD Registration Spoofing (MS09-008; CVE-2009-0093)

WPAD feature enables web clients to automatically detect proxy settings without user intervention. A Web Proxy Auto-Discovery WPAD registration spoofing vulnerability has been reported in Microsoft DNS servers. The vulnerability is due to an error in the Windows DNS server that fails to correctly...

3.5CVSS6.2AI score0.1702EPSS
Exploits1
Rows per page
Query Builder