Unrated severityNVD Advisory· Published Mar 11, 2009· Updated Apr 23, 2026
CVE-2009-0234
CVE-2009-0234
Description
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger "unnecessary lookups," aka "DNS Server Response Validation Vulnerability."
Affected products
7- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- www.kb.cert.org/vuls/id/319331nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA09-069A.htmlnvdUS Government Resource
- blogs.technet.com/srd/archive/2009/03/13/ms09-008-dns-and-wins-server-security-update-in-more-detail.aspxnvd
- osvdb.org/52518nvd
- secunia.com/advisories/34217nvd
- support.avaya.com/elmodocs2/security/ASA-2009-083.htmnvd
- www.securityfocus.com/bid/33988nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2009/0661nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-008nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5715nvd
News mentions
0No linked articles in our index yet.