SecurityTracker.com

Category:   Application (E-mail Server)  >   Microsoft Exchange
Vendors:   Microsoft
(Microsoft Exchange Server is Affected) Windows SMTP Service Uses Predictable Transaction IDs and Fails to Validate Response IDs Which May Permit DNS Spoofing
SecurityTracker Alert ID:  1023940
SecurityTracker URL:  http://securitytracker.com/id/1023940
CVE Reference:   CVE-2010-1689, CVE-2010-1690
Updated:  May 5 2010
Original Entry Date:  May 5 2010
Impact:   Modification of system information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 2000 SP3, 2003 SP2, 2007 SP2, 2010
Description:   Two vulnerabilities were reported in Windows SMTP Service. A remote user can spoof DNS responses. Microsoft Exchange Server is affected.

The DNS queries generated by the Windows SMTP Service use predictable values for the transaction ID field [CVE-2010-1689].

The Windows SMTP Service does not validate that the ID field of a received DNS response matches the value provided in the original query [CVE-2010-1690].

A remote user can exploit these flaws to spoof DNS responses and poison the DNS cache on the target system.
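
The two properties these CVEs concern, shown from the resolver side as an added example (not code from Microsoft or from this advisory): the query ID comes from a CSPRNG, and a response is accepted only if its ID and question section match the outstanding query. Function names and the sample response are constructed for illustration; the query is assumed to carry one question and no additional records.

```python
import secrets
import struct

def encode_qname(name):
    """Encode a hostname as DNS labels (length-prefixed, zero-terminated)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=15):
    """Build a query (default type 15, MX) with an unpredictable transaction ID."""
    txid = secrets.randbits(16)  # CSPRNG, not a counter or timestamp
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    question = encode_qname(name) + struct.pack("!HH", qtype, 1)  # class IN
    return txid, header + question

def accept_response(query, response):
    """Return True only if the response matches the outstanding query."""
    if len(query) < 17 or len(response) < len(query):
        return False
    (q_id,) = struct.unpack("!H", query[:2])
    r_id, r_flags, r_qdcount = struct.unpack("!HHH", response[:6])
    if r_id != q_id:            # the ID comparison described under CVE-2010-1690
        return False
    if not r_flags & 0x8000:    # QR bit must mark the packet as a response
        return False
    if r_qdcount != 1:
        return False
    # The echoed question must be the one asked: name compared
    # case-insensitively, type and class compared exactly.
    q_question = query[12:]
    r_question = response[12:len(query)]
    return (r_question[:-4].lower() == q_question[:-4].lower()
            and r_question[-4:] == q_question[-4:])

def make_response(query, txid):
    """Constructed sample: an empty-answer response echoing the question."""
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 0, 0, 0) + query[12:]

if __name__ == "__main__":
    txid, query = build_query("example.com")
    print(accept_response(query, make_response(query, txid)))           # matching ID
    print(accept_response(query, make_response(query, txid ^ 0xFFFF)))  # wrong ID
```

A production resolver would also confirm that the response arrived from the queried server's address and on the socket the query was sent from.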

Microsoft Exchange is affected by these vulnerabilities.

Nicolas Economou reported these vulnerabilities.

Impact:   A remote user can spoof DNS responses.
Solution:   Microsoft fixed these vulnerabilities as part of MS10-024.

[Editor's note: Microsoft does not consider these flaws to be vulnerabilities. Microsoft considers the patches included in MS10-024 to be "security-in-depth" features and not vulnerability fixes.]

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx

Vendor URL:  www.microsoft.com/technet/security/Bulletin/MS10-024.mspx
Cause:   Authentication error, Randomization error
Underlying OS:  Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
May 5 2010 Windows SMTP Service Uses Predictable Transaction IDs and Fails to Validate Response IDs Which May Permit DNS Spoofing




Copyright 2021, SecurityGlobal.net LLC