CVE-2000-1218

Description

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Microsoft / windows_2000
Microsoft / windows_98
Microsoft / windows_98se
Microsoft / windows_nt4.0 – 4.0
Microsoft / windows_xp

References

MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/4280
MISChttp://www.kb.cert.org/vuls/id/458659