CVE-2007-3898

NONECVSS 0.0

0.0

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

🔗 References (30)

secure@microsofthttp://secunia.com/advisories/27584
secure@microsofthttp://securityreason.com/securityalert/3373
secure@microsofthttp://www.kb.cert.org/vuls/id/484649
secure@microsofthttp://www.scanit.be/advisory-2007-11-14.html
secure@microsofthttp://www.securityfocus.com/archive/1/483635/100/0/threaded
secure@microsofthttp://www.securityfocus.com/archive/1/483698/100/0/threaded
secure@microsofthttp://www.securityfocus.com/archive/1/484186/100/0/threaded
secure@microsofthttp://www.securityfocus.com/bid/25919
secure@microsofthttp://www.securitytracker.com/id?1018942
secure@microsofthttp://www.trusteer.com/docs/windowsdns.html
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA07-317A.html
secure@microsofthttp://www.vupen.com/english/advisories/2007/3848
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-062
secure@microsofthttps://exchange.xforce.ibmcloud.com/vulnerabilities/36805
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4395

Is Your Infrastructure Affected by CVE-2007-3898?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-3898

📅 Published

🔄 Last Modified

🔗 References (30)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-3898?