virus logo Intrusion Prevention

MS.Windows.DNS.Server.WPAD.Registration.Spoofing

description-logoDescription

This indicates an attack attempt to exploit an information spoofing vulnerability in Microsoft windows DNS server.
This vulnerability is caused by an error when the vulnerable software is handling malicious entries in DNS database. It allows a remote attacker to exploit a DNS spoofing via sending a DNS dynamic update packet.

affected-products-logoAffected Products

Microsoft Windows 2000 Server Service Pack 4
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2008 for 32-bit Systems*
Windows Server 2008 for x64-based Systems*

Impact logoImpact

Information Spoofing: Remote attackers can spoof datas of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.
http://www.microsoft.com/technet/security/Bulletin/ms09-008.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 17316
Created Mar 13, 2009
Updated Apr 23, 2014
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2009-0093
Exploit Prediction Score 97.05%
Default Action drop
Active
Affected OS Windows
Affected App Other