DNS Spoofing Vulnerability in Microsoft Windows and Exchange Servers
CVE-2010-1689

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows 2000
Vendor
CVE Published:
7 May 2010

What is CVE-2010-1689?

The DNS implementation within smtpsvc.dll across various versions of Microsoft Windows and Exchange Server is vulnerable due to predictable transaction IDs. This weakness allows attackers to carry out man-in-the-middle attacks by spoofing DNS responses, thereby potentially redirecting users or accessing sensitive information. This issue particularly affects legacy systems, making it essential for organizations to assess and fortify their security posture against such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.coresecurity.com/content/CORE-2010-0424-window...
x_refsource_MISC
http://www.securityfocus.com/bid/39908
vdb-entryx_refsource_BID
http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.