DNS: Negative Response ANY Query
This signature detects negative responses for DNS type Any queries. A negative response for type Any could indicate a possible DNS poisoning attack resulting in unsuspected users being forced to view information that was unintended.
Extended Description
The Microsoft Windows DNS Server is prone to a DNS-spoofing vulnerability because the software fails to properly reuse cached responses. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.
Affected Products
Avaya messaging_application_server,Microsoft windows_server_2003_standard_edition
Short Name
DNS:NEGANY
Severity
Info
Recommended
False
Recommended Action
None
Category
DNS
Keywords
ANY CVE-2009-0233 CVE-2009-0234 Negative Query Response bid:33988
Release Date
03/10/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3729
False Positive
Rarely
Vendors
Microsoft
Avaya
CVSS Score
5.8
6.4