cvelist/2007/3xxx/CVE-2007-3898.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2007-3898",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20071113 After 6 months - fix available for Microsoft DNS cache poisoning attack",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/483635/100/0/threaded"
         },
         {
            "name" : "20071114 Predictable DNS transaction IDs in Microsoft DNS Server",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/483698/100/0/threaded"
         },
         {
            "name" : "http://www.trusteer.com/docs/windowsdns.html",
            "refsource" : "MISC",
            "url" : "http://www.trusteer.com/docs/windowsdns.html"
         },
         {
            "name" : "http://www.scanit.be/advisory-2007-11-14.html",
            "refsource" : "MISC",
            "url" : "http://www.scanit.be/advisory-2007-11-14.html"
         },
         {
            "name" : "HPSBST02291",
            "refsource" : "HP",
            "url" : "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
         },
         {
            "name" : "SSRT071498",
            "refsource" : "HP",
            "url" : "http://www.securityfocus.com/archive/1/484186/100/0/threaded"
         },
         {
            "name" : "MS07-062",
            "refsource" : "MS",
            "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-062"
         },
         {
            "name" : "TA07-317A",
            "refsource" : "CERT",
            "url" : "http://www.us-cert.gov/cas/techalerts/TA07-317A.html"
         },
         {
            "name" : "VU#484649",
            "refsource" : "CERT-VN",
            "url" : "http://www.kb.cert.org/vuls/id/484649"
         },
         {
            "name" : "25919",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/25919"
         },
         {
            "name" : "ADV-2007-3848",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2007/3848"
         },
         {
            "name" : "oval:org.mitre.oval:def:4395",
            "refsource" : "OVAL",
            "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4395"
         },
         {
            "name" : "1018942",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id?1018942"
         },
         {
            "name" : "27584",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/27584"
         },
         {
            "name" : "3373",
            "refsource" : "SREASON",
            "url" : "http://securityreason.com/securityalert/3373"
         },
         {
            "name" : "win-dns-spoof-information-disclosure(36805)",
            "refsource" : "XF",
            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36805"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2007-3898",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20071113 After 6 months - fix available for Microsoft DNS cache poisoning attack",`
			`"refsource" : "BUGTRAQ",`
- Synchronized data. 2018-10-15 17:03:25 -04:00			`"url" : "http://www.securityfocus.com/archive/1/483635/100/0/threaded"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20071114 Predictable DNS transaction IDs in Microsoft DNS Server",`
			`"refsource" : "BUGTRAQ",`
- Synchronized data. 2018-10-15 17:03:25 -04:00			`"url" : "http://www.securityfocus.com/archive/1/483698/100/0/threaded"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.trusteer.com/docs/windowsdns.html",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.trusteer.com/docs/windowsdns.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.scanit.be/advisory-2007-11-14.html",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.scanit.be/advisory-2007-11-14.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "HPSBST02291",`
			`"refsource" : "HP",`
- Synchronized data. 2018-10-15 17:03:25 -04:00			`"url" : "http://www.securityfocus.com/archive/1/484186/100/0/threaded"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SSRT071498",`
			`"refsource" : "HP",`
- Synchronized data. 2018-10-15 17:03:25 -04:00			`"url" : "http://www.securityfocus.com/archive/1/484186/100/0/threaded"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "MS07-062",`
			`"refsource" : "MS",`
- Synchronized data. 2018-10-12 16:04:25 -04:00			`"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-062"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "TA07-317A",`
			`"refsource" : "CERT",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.us-cert.gov/cas/techalerts/TA07-317A.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "VU#484649",`
			`"refsource" : "CERT-VN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.kb.cert.org/vuls/id/484649"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "25919",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/25919"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2007-3848",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2007/3848"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "oval:org.mitre.oval:def:4395",`
			`"refsource" : "OVAL",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4395"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1018942",`
			`"refsource" : "SECTRACK",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securitytracker.com/id?1018942"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "27584",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/27584"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "3373",`
			`"refsource" : "SREASON",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://securityreason.com/securityalert/3373"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "win-dns-spoof-information-disclosure(36805)",`
			`"refsource" : "XF",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36805"`
			`}`
			`]`
			`}`
			`}`