Support Headlines

Microsoft Security Bulletin MS08-037 [Bulletin, Advisory] addresses two security flaws in the design of DNS that permit DNS cache poisoning attacks.

DNS cache poisoning is a maliciously created or unintended situation that provides data to a Domain Name Server that did not originate from authoritative DNS sources. This can happen through improper software design, misconfiguration of name servers and maliciously designed scenarios exploiting the traditionally open-architecture of the DNS system. Once a DNS server has received such non-authentic data and caches it for future performance increase, it is considered poisoned, supplying the non-authentic data to the clients of the server.

Nortel is still evaluating the impact of this vulnerability on it’s products, but had this to say about those products which may be affected:

The following Nortel Generally Available products are potentially vulnerable to the security issue outlined in the Microsoft Security Bulletin MS08-037 in that, while there is no direct dependency with the Nortel product, the affected component is a base component of Windows.  Pleae refer to the product-specific text below for instructions on how to proceed.

For more information, please open a Question ticket using the VOX Service Request Portal.