Russian Vulnerability Scanner Database

Back to List

CVE-2009-0234

Scores

EPSS

0.691medium69.1%
0%20%40%60%80%100%

Percentile: 69.1%

CVSS

6.4medium2.0
0246810

CVSS Score: 6.4/10

All CVSS Scores

CVSS 2.0
6.4

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Description

The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger “unnecessary lookups,” aka “DNS Server Response Validation Vulnerability.”

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

CWEs

CWE-20

Vulnerable Software (3)

Type: Configuration

Vendor: *

Product: windows_2000

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2003

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2008

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:...

Source: nvd

End of list