CVE-2008-0087

high-risk

Published 2008-04-08

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

Do I need to act?

56.9% chance of exploitation in next 30 days

EPSS score — higher than 43% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (7)

Windows 2000

Windows Server 2003

Windows Vista

Windows Xp

Windows Server 2003

Windows Xp

Affected Vendors

Microsoft

References (20)

Mailing List http://marc.info/?l=bugtraq&m=120845064910729&w=2

Broken Link http://secunia.com/advisories/29696

Broken Link http://www.securityfocus.com/archive/1/490575/100/0/threaded

Broken Link http://www.securityfocus.com/bid/28553

Broken Link http://www.securitytracker.com/id?1019802

Broken Link http://www.trusteer.com/docs/windowsresolver.html

Broken Link http://www.us-cert.gov/cas/techalerts/TA08-099A.html

Broken Link http://www.vupen.com/english/advisories/2008/1144/references

Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-02...

Broken Link https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3...