Microsoft Windows DNS Server WPAD Access Validation Vulnerability

info
discussion
exploit
solution
references

Microsoft Windows DNS Server WPAD Access Validation Vulnerability

The Microsoft Windows DNS Server is prone to an access-validation vulnerability because the software fails to properly restrict access when defining WPAD (Web Proxy Autodiscovery Protocol) entries.

An authenticated attacker may exploit this issue to create a WPAD DNS entry. This may aid in man-in-the-middle and spoofing attacks. Other attacks are also possible.