Oval Definition:oval:org.mitre.oval:def:6138
Revision Date:2011-11-14Version:44
Title:DNS Server Vulnerability in WPAD Registration Vulnerability
Description:Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) feature, and conduct man-in-the-middle attacks by spoofing a proxy server, via a Dynamic Update request for this hostname, aka "DNS Server Vulnerability in WPAD Registration Vulnerability," a related issue to CVE-2007-1692.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-0093
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s):
Definition Synopsis
  • Microsoft Windows Server 2000 SP4 is installed and version of dns.exe
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of dns.exe is less than 5.0.2195.7260
  • OR Microsoft Windows Server 2003 SP1 (x86/x64/ia64) is installed and file version of dns.exe
  • Microsoft Windows Server 2003 SP1 (x86/x64/ia64) is installed
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • OR Microsoft Windows Server 2003 SP1 (x64) is installed
  • OR Microsoft Windows Server 2003 SP1 for Itanium is installed
  • AND the version of dns.exe is less than 5.2.3790.3295
  • OR Microsoft Windows Server 2003 SP2 (x86/x64/ia64) is installed and file versions of dns.exe
  • Microsoft Windows Server 2003 SP2 (x86/x64/ia64) is installed
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND the version of dns.exe is less than 5.2.3790.4460
    • BACK