Check or Attack Name: DNS version

This version of Windows NT 4.0 DNS is vulnerable to denial of service and spoofing attacks. These attacks can allow an attacker to access sensitive information.

Apply the latest Windows NT 4.0 Service Pack or the post-SP2 dns-fix patch.

To apply the latest Windows NT Service Pack, follow these steps:

1. Open a web browser.
2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks/ and follow the directions to download the appropriate service pack for your computer.
3. Find the installation program you downloaded to your computer.
4. Double-click the program icon to start the installation.
5. Follow the installation directions.

If Windows NT 4.0 Service Pack 3 (SP3) or later cannot be applied, Windows NT 4.0 SP2 users must obtain and install the post-SP2 dns-fix hotfix available from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP2/dns-fix.

Fyodor's Exploit World, Another way to crash NT DNS server, http://www.insecure.org/sploits/NT.DNS.character_flood.html

Microsoft Knowledge Base Article Q169461, Access Violation in DNS.EXE Caused by Malicious Telnet Attack, http://support.microsoft.com/support/kb/articles/Q169/4/61.asp

Microsoft Knowledge Base Article Q142047, Bad Network Packet May Cause Access Violation (AV) on DNS Server, http://support.microsoft.com/support/kb/articles/Q142/0/47.asp

Microsoft Knowledge Base Article Q154984, DNS Server May Not Recursively Resolve Some Names, http://support.microsoft.com/support/kb/articles/Q154/9/84.asp

Microsoft Knowledge Base Article Q154985, DNS Registry Key Not Updated When Changing Zone Type, http://support.microsoft.com/support/kb/articles/Q154/9/85.asp

Microsoft Knowledge Base Article Q167629, Predictable Query IDs Pose Security Risks for DNS Servers, http://support.microsoft.com/support/kb/articles/Q167/6/29.asp