CVE-2007-3898 Information

Description

The DNS server in Microsoft Windows 2000 Server SP4 and Server 2003 SP1 and SP2 uses predictable transaction IDs when querying other DNS servers which allows remote attackers to spoof DNS replies poison the DNS cache and facilitate further attack vectors.

Reference

http://secunia.com/advisories/27584 http://securityreason.com/securityalert/3373 http://www.kb.cert.org/vuls/id/484649 http://www.scanit.be/advisory-2007-11-14.html http://www.securityfocus.com/archive/1/483635/100/0/threaded http://www.securityfocus.com/archive/1/483698/100/0/threaded http://www.securityfocus.com/archive/1/484186/100/0/threaded http://www.securityfocus.com/bid/25919 http://www.securitytracker.com/id?1018942 http://www.trusteer.com/docs/windowsdns.html http://www.us-cert.gov/cas/techalerts/TA07-317A.html http://www.vupen.com/english/advisories/2007/3848 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-062 https://exchange.xforce.ibmcloud.com/vulnerabilities/36805 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4395