CVE-2009-0094

Severity Score

5.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) "wpad" and (2) "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) features, and conduct man-in-the-middle attacks by spoofing a proxy server or ISATAP route, by registering one of these names in the WINS database, aka "WPAD WINS Server Registration Vulnerability," a related issue to CVE-2007-1692.

El servidor WINS en Microsoft Windows 2000 SP4 y Server 2003 SP1 y SP2 no limita el registro de los nombres NetBIOS (1) "wpad" y (2) "isatap", lo que permite a usuarios autenticados remotamente secuestrar las características Web Proxy Auto-Discovery (WPAD) y Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), y llevar a cabo ataques del tipo "Man in The Middle (hombre en el medio)" mediante la suplantación de un servidor proxy o ruta ISATAP registrando uno de esos nombres en la base de datos del WINS. También conocida como "Vulnerabilidad WPAD WINS Server Registration", cuestión relacionada con el CVE-2007-1692.

*Credits: N/A

CVSS Scores

NISTv2 5.5

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-01-08 CVE Reserved
2009-03-11 CVE Published
2024-08-07 CVE Updated
2024-10-25 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
http://blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspx	X_refsource_confirm
http://osvdb.org/52520	Vdb Entry
http://secunia.com/advisories/34217	Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-083.htm	X_refsource_confirm
http://www.securityfocus.com/bid/34013	Vdb Entry
http://www.securitytracker.com/id?1021829	Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA09-069A.html	Third Party Advisory
http://www.vupen.com/english/advisories/2009/0661	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6117	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008	2019-02-26

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Windows 2000 Search vendor "Microsoft" for product "Windows 2000"				*		sp4		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				*		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				*		sp1		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				*		sp1, itanium		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				*		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				*		-		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				*		x64		Affected