CVE-2000-1218

First published: Fri Apr 14 2000(Updated: )

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

Credit: cve@mitre.org cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/weakness
• agent/severity
• agent/references
• agent/author
• agent/type
• agent/event
• agent/description
• agent/last-modified-date
• agent/softwarecombine
• agent/first-publish-date
• agent/tags
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• vendor/microsoft
• canonical/microsoft windows nt
• version/microsoft windows nt/4.0
• version/microsoft windows nt/4.0-sp4
• canonical/microsoft windows xp
• version/microsoft windows xp/sp1
• version/microsoft windows nt/4.0-sp2
• version/microsoft windows nt/4.0-sp5
• version/microsoft windows xp/gold
• canonical/microsoft windows 2000
• version/microsoft windows nt/4.0-sp6
• version/microsoft windows 2000/sp4
• version/microsoft windows xp/sp2
• version/microsoft windows nt/4.0-sp6a
• version/microsoft windows nt/4.0-sp1
• canonical/microsoft windows 98se
• version/microsoft windows 2000/sp2
• version/microsoft windows nt/4.0-sp3
• version/microsoft windows 2000/sp1
• canonical/microsoft windows 98
• version/microsoft windows 98/gold
• version/microsoft windows 2000/sp3