CVE-2008-0087 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Microsoft	Windows 2000	-
Microsoft	Windows Server 2003	-
Microsoft	Windows Vista	-
Microsoft	Windows Xp	-

Related Weaknesses (CWE)

CWE-330

References

http://marc.info/?l=bugtraq&m=120845064910729&w=2Mailing ListThird Party Advisory
http://secunia.com/advisories/29696Broken LinkThird Party Advisory
http://www.securityfocus.com/archive/1/490575/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/28553Broken LinkPatchThird Party Advisory
http://www.securitytracker.com/id?1019802Broken LinkThird Party AdvisoryVDB Entry
http://www.trusteer.com/docs/windowsresolver.htmlBroken Link
http://www.us-cert.gov/cas/techalerts/TA08-099A.htmlBroken LinkThird Party AdvisoryUS Government Resource
http://www.vupen.com/english/advisories/2008/1144/referencesBroken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-02PatchVendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken LinkThird Party Advisory
http://marc.info/?l=bugtraq&m=120845064910729&w=2Mailing ListThird Party Advisory
http://secunia.com/advisories/29696Broken LinkThird Party Advisory
http://www.securityfocus.com/archive/1/490575/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/28553Broken LinkPatchThird Party Advisory
http://www.securitytracker.com/id?1019802Broken LinkThird Party AdvisoryVDB Entry

FAQ

What is CVE-2008-0087?

CVE-2008-0087 is a vulnerability with a CVSS score of 7.5 (HIGH). The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

How severe is CVE-2008-0087?

CVE-2008-0087 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0087?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Xp.