← Volver a CVEs
CVE-2000-1218
CRITICAL9.8
Descripcion
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado4/14/2000
Ultima modificacion4/16/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
microsoft:windows_2000microsoft:windows_98microsoft:windows_98semicrosoft:windows_ntmicrosoft:windows_xp
Debilidades (CWE)
CWE-346
Referencias
http://www.kb.cert.org/vuls/id/458659(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/4280(cve@mitre.org)
http://www.kb.cert.org/vuls/id/458659(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/4280(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.