CVE-2008-1454

Sažetak

Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.

Reference

http://secunia.com/advisories/30925
http://www.securityfocus.com/bid/30132
http://www.securitytracker.com/id?1020437
http://www.us-cert.gov/cas/techalerts/TA08-190A.html
http://www.vupen.com/english/advisories/2008/2019/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5380

CVSS

Base:	9.4
Impact:	9.2
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:C/A:C

Zadnje važnije ažuriranje

26-02-2019 - 14:04

Objavljeno

08-07-2008 - 23:41