CVE-2009-0093: Input Validation
First published: Wed Mar 11 2009(Updated: )
Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) feature, and conduct man-in-the-middle attacks by spoofing a proxy server, via a Dynamic Update request for this hostname, aka "DNS Server Vulnerability in WPAD Registration Vulnerability," a related issue to CVE-2007-1692.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | =sp1 | |
| Microsoft Windows Server | =sp1 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server | =sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vupen.com/english/advisories/2009/0661
- http://secunia.com/advisories/34217
- http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx
- http://www.securityfocus.com/bid/33989
- http://osvdb.org/52519
- http://blog.ncircle.com/blogs/vert/archives/2009/03/successful_exploit_renders_mic.html
- http://www.securitytracker.com/id?1021830
- http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm
- http://www.us-cert.gov/cas/techalerts/TA09-069A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6138
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008
Frequently Asked Questions
What are the potential impacts of CVE-2009-0093?
CVE-2009-0093 allows attackers to hijack the Web Proxy Auto-Discovery feature, potentially leading to man-in-the-middle attacks.
What versions of Windows are affected by CVE-2009-0093?
CVE-2009-0093 affects Microsoft Windows 2000 SP4, Windows Server 2003 SP1 and SP2, and Windows Server 2008.
How can I mitigate CVE-2009-0093?
To mitigate CVE-2009-0093, disable dynamic updates for the DNS Server or restrict registrations for the 'wpad' hostname.
What is the severity rating of CVE-2009-0093?
CVE-2009-0093 has a severity rating of important according to Microsoft's security guidelines.
Is there a patch available for CVE-2009-0093?
Yes, Microsoft released a security update to address CVE-2009-0093, which should be applied to affected systems.
- agent/first-publish-date
- agent/last-modified-date
- agent/type
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/event
- agent/description
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp4
- canonical/microsoft windows server
- version/microsoft windows server/sp1
- version/microsoft windows server/sp2