Oval Definition:oval:org.mitre.oval:def:6228
Revision Date:2011-11-14Version:44
Title:DNS Server Query Validation Vulnerability
Description:The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which makes it easier for remote attackers to predict transaction IDs and poison caches by simultaneously sending crafted DNS queries and responses, aka "DNS Server Query Validation Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-0233
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis
  • Microsoft Windows Server 2000 SP4 is installed and version of dns.exe
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of dns.exe is less than 5.0.2195.7260
  • OR Microsoft Windows Server 2003 SP1 (x86/x64/ia64) is installed and file version of dns.exe
  • Microsoft Windows Server 2003 SP1 (x86/x64/ia64) is installed
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • OR Microsoft Windows Server 2003 SP1 (x64) is installed
  • OR Microsoft Windows Server 2003 SP1 for Itanium is installed
  • AND the version of dns.exe is less than 5.2.3790.3295
  • OR Microsoft Windows Server 2003 SP2 (x86/x64/ia64) is installed and file versions of dns.exe
  • Microsoft Windows Server 2003 SP2 (x86/x64/ia64) is installed
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND the version of dns.exe is less than 5.2.3790.4460
  • OR Microsoft Windows Server 2008 (x86/x64) is installed and file version of dns.exe
  • Microsoft Windows Server 2008 (x86/x64) is installed
  • Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND version of dns.exe less than 6.0.6001.18214 or greater than or equal 6.0.6001.22000 and less than 6.0.6001.22375
  • the version of dns.exe is less than 6.0.6001.18214
  • OR For LDR file version greater than or equal 6.0.6001.22000 and less than 6.0.6001.22375
  • the version of dns.exe is greater than or equal 6.0.6001.22000
  • AND the version of dns.exe is less than 6.0.6001.22375
    • BACK