Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.900873
Kategorie:Windows
Titel:Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness (971888)
Zusammenfassung:This host has Microsoft DNS Devolution and is prone to Third-Level; Domain Name Resolving Weakness.
Beschreibung:Summary:
This host has Microsoft DNS Devolution and is prone to Third-Level
Domain Name Resolving Weakness.

Vulnerability Insight:
The flaw is due to design error in the DNS devolution process which can
be exploited by setting up a malicious site and carry out attacks against
victims who are inadvertently directed to the malicious site.

Vulnerability Impact:
Successful attacks may result in disclosure of the private IP address and
authentication credentials, modification of client proxy settings, phishing,
redirection to other malicious sites, enticing vulnerable users to download
malware.

Affected Software/OS:
- Microsoft Windows 2k Service Pack 4 and prior

- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows 2k3 Service Pack 2 and prior

Solution:
Apply the Security update

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 35255
CopyrightCopyright (C) 2009 SecPod

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.