CVE-2009-0234
Vulnerability from cvelistv5
Published
2009-03-11 14:00
Modified
2024-08-07 04:24
Severity ?
Summary
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger "unnecessary lookups," aka "DNS Server Response Validation Vulnerability."
References
secure@microsoft.comhttp://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx
secure@microsoft.comhttp://osvdb.org/52518
secure@microsoft.comhttp://secunia.com/advisories/34217
secure@microsoft.comhttp://support.avaya.com/elmodocs2/security/ASA-2009-083.htm
secure@microsoft.comhttp://www.kb.cert.org/vuls/id/319331US Government Resource
secure@microsoft.comhttp://www.securityfocus.com/bid/33988
secure@microsoft.comhttp://www.securitytracker.com/id?1021831
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA09-069A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2009/0661
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715
af854a3a-2127-422b-91ae-364da2661108http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/52518
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34217
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/319331US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33988
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021831
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-069A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0661
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T04:24:18.478Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "TA09-069A",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT",
                     "x_transferred",
                  ],
                  url: "http://www.us-cert.gov/cas/techalerts/TA09-069A.html",
               },
               {
                  name: "ADV-2009-0661",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2009/0661",
               },
               {
                  name: "34217",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/34217",
               },
               {
                  name: "VU#319331",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/319331",
               },
               {
                  name: "52518",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/52518",
               },
               {
                  name: "oval:org.mitre.oval:def:5715",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm",
               },
               {
                  name: "33988",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/33988",
               },
               {
                  name: "MS09-008",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MS",
                     "x_transferred",
                  ],
                  url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008",
               },
               {
                  name: "1021831",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1021831",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2009-03-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger \"unnecessary lookups,\" aka \"DNS Server Response Validation Vulnerability.\"",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-12T19:57:01",
            orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            shortName: "microsoft",
         },
         references: [
            {
               name: "TA09-069A",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT",
               ],
               url: "http://www.us-cert.gov/cas/techalerts/TA09-069A.html",
            },
            {
               name: "ADV-2009-0661",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2009/0661",
            },
            {
               name: "34217",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/34217",
            },
            {
               name: "VU#319331",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/319331",
            },
            {
               name: "52518",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/52518",
            },
            {
               name: "oval:org.mitre.oval:def:5715",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm",
            },
            {
               name: "33988",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/33988",
            },
            {
               name: "MS09-008",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MS",
               ],
               url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008",
            },
            {
               name: "1021831",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1021831",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secure@microsoft.com",
               ID: "CVE-2009-0234",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger \"unnecessary lookups,\" aka \"DNS Server Response Validation Vulnerability.\"",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "TA09-069A",
                     refsource: "CERT",
                     url: "http://www.us-cert.gov/cas/techalerts/TA09-069A.html",
                  },
                  {
                     name: "ADV-2009-0661",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2009/0661",
                  },
                  {
                     name: "34217",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/34217",
                  },
                  {
                     name: "VU#319331",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/319331",
                  },
                  {
                     name: "52518",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/52518",
                  },
                  {
                     name: "oval:org.mitre.oval:def:5715",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715",
                  },
                  {
                     name: "http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm",
                     refsource: "CONFIRM",
                     url: "http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm",
                  },
                  {
                     name: "33988",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/33988",
                  },
                  {
                     name: "MS09-008",
                     refsource: "MS",
                     url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008",
                  },
                  {
                     name: "1021831",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1021831",
                  },
                  {
                     name: "http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx",
                     refsource: "CONFIRM",
                     url: "http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
      assignerShortName: "microsoft",
      cveId: "CVE-2009-0234",
      datePublished: "2009-03-11T14:00:00",
      dateReserved: "2009-01-20T00:00:00",
      dateUpdated: "2024-08-07T04:24:18.478Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2009-0234\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2009-03-11T14:19:15.297\",\"lastModified\":\"2024-11-21T00:59:24.587\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger \\\"unnecessary lookups,\\\" aka \\\"DNS Server Response Validation Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"El DNS Resolver Cache Service (también conocido como DNSCache) en Windows DNS Server en Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, y Server 2008, no cachea adecuadamente las respuestas DNS manipuladas, lo que facilita a atacantes remotos el predecir los IDs de las transacción y envenenar la caché mediante el envío de varias peticiones DNS manipuladas lo que provoca \\\"lookups innecesarios\\\", también conocida como \\\"vulnerabilidad DNS Server Response Validation \\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31A64C69-D182-4BEC-BA8A-7B405F5B2FC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA778424-6F70-4AB6-ADD5-5D4664DFE463\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"BCE2197B-7C58-4693-B9BB-0B31EABB6B66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D3B5E4F-56A6-4696-BBB4-19DF3613D020\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"7F9C7616-658D-409D-8B53-AC00DC55602A\"}]}]}],\"references\":[{\"url\":\"http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://osvdb.org/52518\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/34217\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/319331\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/33988\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securitytracker.com/id?1021831\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-069A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0661\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/52518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/319331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/33988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1021831\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-069A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0661\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.