CVE-2009-0094 Information

Description

The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) \wpad\ and (2) \isatap\ NetBIOS names which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) features and conduct man-in-the-middle attacks by spoofing a proxy server or ISATAP route by registering one of these names in the WINS database aka \WPAD WINS Server Registration Vulnerability\ a related issue to CVE-2007-1692.

Reference

http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx http://osvdb.org/52520 http://secunia.com/advisories/34217 http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm http://www.securityfocus.com/bid/34013 http://www.securitytracker.com/id?1021829 http://www.us-cert.gov/cas/techalerts/TA09-069A.html http://www.vupen.com/english/advisories/2009/0661 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6117