CVE-2009-0233: Input Validation
First published: Wed Mar 11 2009(Updated: )
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which makes it easier for remote attackers to predict transaction IDs and poison caches by simultaneously sending crafted DNS queries and responses, aka "DNS Server Query Validation Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | =sp1 | |
| Microsoft Windows Server | =sp1 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server | =sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/52517
- http://www.securitytracker.com/id?1021831
- http://secunia.com/advisories/34217
- http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm
- http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx
- http://www.securityfocus.com/bid/33982
- http://www.vupen.com/english/advisories/2009/0661
- http://www.us-cert.gov/cas/techalerts/TA09-069A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6228
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008
Frequently Asked Questions
What is the severity of CVE-2009-0233?
CVE-2009-0233 is considered to have a moderate severity due to potential exploitation by remote attackers.
How do I fix CVE-2009-0233?
To mitigate CVE-2009-0233, it is recommended to apply the latest security updates from Microsoft.
What systems are affected by CVE-2009-0233?
CVE-2009-0233 affects Microsoft Windows 2000 SP4, Windows Server 2003 SP1 and SP2, and Windows Server 2008.
What type of vulnerability is CVE-2009-0233?
CVE-2009-0233 is a cache management vulnerability in the DNS Resolver Cache Service of Windows DNS Server.
Can CVE-2009-0233 lead to further attacks?
Yes, CVE-2009-0233 can potentially allow remote attackers to predict transactional responses, leading to further attacks.
- agent/type
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/description
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp4
- canonical/microsoft windows server
- version/microsoft windows server/sp1
- version/microsoft windows server/sp2