CVE-2007-1692
First published: Mon Mar 26 2007(Updated: )
The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross privilege boundaries and would not be a vulnerability. It has also been reported that DHCP is an alternate attack vector.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | ||
| Microsoft Windows 2003 Server | =2000 | |
| Microsoft Windows 2003 Server | =r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/isn/2007-q1/0418.html
- http://support.microsoft.com/kb/934864
- http://isc.sans.org/diary.html?storyid=2517
- http://news.com.com/Windows+weakness+can+lead+to+network+traffic+hijacks/2100-1002_3-6170229.html
- http://www.vupen.com/english/advisories/2007/1115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33244
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft windows 2000
- canonical/microsoft windows 2003 server
- version/microsoft windows 2003 server/2000
- version/microsoft windows 2003 server/r2