Microsoft Windows DNS Resource Record Cache Corruption Vulnerability

A vulnerability has been discovered in the DNS server on the Windows NT and Windows 2000 operating systems. The problem occurs in the caching of glue records. It has been reported that glue records received from non-delegated name servers will be cached by default. This may allow for a malicious server to respond to a legitimate DNS query with a spoofed DNS response, designed to contain the necessary glue record characteristics.

A client making a request for a legitimate host may receive a corrupted record located in the DNS server's cache. This could result in the user being directed to an unexpected and malicious website.


 

Privacy Statement
Copyright 2010, SecurityFocus