Vulnerability Description
The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross privilege boundaries and would not be a vulnerability. It has also been reported that DHCP is an alternate attack vector.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 2003 Server | 2000 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/isn/2007-q1/0418.html
- http://isc.sans.org/diary.html?storyid=2517
- http://news.com.com/Windows+weakness+can+lead+to+network+traffic+hijacks/2100-10
- http://support.microsoft.com/kb/934864
- http://www.vupen.com/english/advisories/2007/1115Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33244
- http://archives.neohapsis.com/archives/isn/2007-q1/0418.html
- http://isc.sans.org/diary.html?storyid=2517
- http://news.com.com/Windows+weakness+can+lead+to+network+traffic+hijacks/2100-10
- http://support.microsoft.com/kb/934864
- http://www.vupen.com/english/advisories/2007/1115Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33244
FAQ
What is CVE-2007-1692?
CVE-2007-1692 is a vulnerability with a CVSS score of 7.5 (HIGH). The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering ...
How severe is CVE-2007-1692?
CVE-2007-1692 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1692?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 2003 Server.