Check Point Advisories

Preemptive Protection against Multiple Vendor DNS Insufficient Socket Entropy Vulnerability

Check Point Reference: CPAI-2008-092
Date Published: 8 Jul 2008
Severity: High
Last Updated: Wednesday 22 October, 2008
Source: Microsoft Security Bulletin MS08-037
Industry Reference:CVE-2008-1447
US-CERT VU#800113
Protection Provided by:
Who is Vulnerable? Internet Systems Consortium (ISC) BIND versions prior to 9.5.1
Microsoft Windows 2000 SP4
Windows XP SP2
Windows XP SP3
Windows XP Professional x64 Edition
Windows XP Professional x64 Edition SP2
Windows XP Professional x64 Edition SP3
Windows Server 2003 SP1
Windows Server 2003 SP2
Windows Server 2003 x64 Edition
Windows Server 2003 x64 Edition SP2
Windows Server 2003 with SP1 (Itanium)
Windows Server 2003 with SP2 (Itanium)
Vulnerability Description A Spoofing vulnerability has been reported in major DNS implementations, including Microsoft Windows DNS service and Berkeley Internet Name Domain (BIND). DNS Spoofing allows an attacker to change a DNS entry so it would point to an IP of his own choice. This vulnerability could allow an attacker to spoof responses and insert records into the DNS server or client cache, thereby spoofing or redirecting Internet traffic from legitimate locations.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS08-037
Vulnerability DetailsThe vulnerability is due to the lack of enough entropy when performing DNS queries, which allows remote attackers to spoof DNS replies. A remote attacker that gained information about a target DNS can exploit this issue to send malicious queries/responses to DNS requests. Successful exploitation could allow the attacker to insert arbitrary addresses into the DNS cache, redirecting Internet traffic from legitimate locations to an address of his choice.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.