(Microsoft Exchange Server is Affected) Windows SMTP Service Uses Predictable Transaction IDs and Fails to Validate Response IDs Which May Permit DNS Spoofing
|
|
SecurityTracker Alert ID: 1023940 |
|
SecurityTracker URL: http://securitytracker.com/id/1023940
|
|
CVE Reference:
CVE-2010-1689, CVE-2010-1690
(Links to External Site)
|
Updated: May 5 2010
|
Original Entry Date: May 5 2010
|
Impact:
Modification of system information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2000 SP3, 2003 SP2, 2007 SP2, 2010
|
Description:
Two vulnerabilities were reported in Windows SMTP Service. A remote user can spoof DNS responses. Microsoft Exchange Server is affected.
The DNS queries generated by the Windows SMTP Service use predictable values for the transaction ID field [CVE-2010-1689].
The Windows SMTP Service does not validate that the ID field of a received DNS response matches the value provided in the original query [CVE-2010-1690].
A remote user can exploit these flaws to spoof DNS responses and poison the DNS cache on the target system.
Microsoft Exchange is affected by these vulnerabilities.
Nicolas Economou reported these vulnerabilities.
|
Impact:
A remote user can spoof DNS responses.
|
Solution:
Microsoft fixed these vulnerabilities as part of MS10-024.
[Editor's note: Microsoft does not consider these flaws to be vulnerabilities. Microsoft considers the patches included in MS10-024 to be "security-in-depth" features and not vulnerability fixes.]
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx
|
Vendor URL: www.microsoft.com/technet/security/Bulletin/MS10-024.mspx (Links to External Site)
|
Cause:
Authentication error, Randomization error
|
Underlying OS:
Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 05 May 2010 05:22:37 +0000
Subject: Microsoft Exchange
|
CVE-2010-1689, CVE-2010-1690
|
|
