Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2008-0087 - CERT CVE
CVE-2008-0087
ID
CVE-2008-0087
Sažetak
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
Reference
http://marc.info/?l=bugtraq&m=120845064910729&w=2
http://secunia.com/advisories/29696
http://www.securityfocus.com/archive/1/490575/100/0/threaded
http://www.securityfocus.com/bid/28553
http://www.securitytracker.com/id?1019802
http://www.trusteer.com/docs/windowsresolver.html
http://www.us-cert.gov/cas/techalerts/TA08-099A.html
http://www.vupen.com/english/advisories/2008/1144/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5314
CVSS
Base:
8.8
Impact:
9.2
Exploitability:
8.6
Pristup
Vektor
Složenost
Autentikacija
NETWORK
MEDIUM
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
COMPLETE
COMPLETE
CVSS vektor
AV:N/AC:M/Au:N/C:N/I:C/A:C
Zadnje važnije ažuriranje
14-02-2024 - 16:54
Objavljeno
08-04-2008 - 23:05