What is the severity of CVE-2000-1218?

CVE-2000-1218 is considered critical because it allows remote attackers to poison the DNS cache.

How do I fix CVE-2000-1218?

To fix CVE-2000-1218, configure the QueryIpMatching parameter to a value other than 0.

What systems are affected by CVE-2000-1218?

CVE-2000-1218 affects Microsoft Windows 98, NT 4.0, 2000, and XP, especially in their default configurations.

Can CVE-2000-1218 be exploited remotely?

Yes, CVE-2000-1218 can be exploited remotely by attackers sending malicious DNS updates.

What are the potential impacts of CVE-2000-1218?

The potential impacts of CVE-2000-1218 include unauthorized access to sensitive information and the ability to redirect network traffic.

Vulnerability/
CVE-2000-1218

critical

9.8

CWE

NVD-CWE-Other 346

14/4/2000

20/11/2024

CVE-2000-1218

First published: Fri Apr 14 2000(Updated: )

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp4
Microsoft Windows XP	=sp1
Microsoft Windows NT	=4.0-sp2
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp5
Microsoft Windows XP	=gold
Microsoft Windows 2000
Microsoft Windows NT	=4.0-sp6
Microsoft Windows 2000	=sp4
Microsoft Windows XP	=sp2
Microsoft Windows XP
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows NT	=4.0-sp1
Microsoft Windows XP	=sp1
Microsoft Windows 98SE
Microsoft Windows NT	=4.0-sp2
Microsoft Windows 2000	=sp2
Microsoft Windows NT	=4.0-sp1
Microsoft Windows NT	=4.0-sp4
Microsoft Windows NT	=4.0-sp3
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows NT	=4.0-sp6
Microsoft Windows 2000	=sp1
Microsoft Windows XP	=sp2
Microsoft Windows XP
Microsoft Windows NT	=4.0-sp3
Microsoft Windows NT	=4.0-sp5
Microsoft Windows 98	=gold
Microsoft Windows 2000	=sp3



	=4.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2000-1218?
CVE-2000-1218 is considered critical because it allows remote attackers to poison the DNS cache.
How do I fix CVE-2000-1218?
To fix CVE-2000-1218, configure the QueryIpMatching parameter to a value other than 0.
What systems are affected by CVE-2000-1218?
CVE-2000-1218 affects Microsoft Windows 98, NT 4.0, 2000, and XP, especially in their default configurations.
Can CVE-2000-1218 be exploited remotely?
Yes, CVE-2000-1218 can be exploited remotely by attackers sending malicious DNS updates.
What are the potential impacts of CVE-2000-1218?
The potential impacts of CVE-2000-1218 include unauthorized access to sensitive information and the ability to redirect network traffic.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/first-publish-date
agent/severity
agent/author
agent/weakness
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/event
agent/source
vendor/microsoft
canonical/microsoft windows nt
version/microsoft windows nt/4.0
version/microsoft windows nt/4.0-sp4
canonical/microsoft windows xp
version/microsoft windows xp/sp1
version/microsoft windows nt/4.0-sp2
version/microsoft windows nt/4.0-sp5
version/microsoft windows xp/gold
canonical/microsoft windows 2000
version/microsoft windows nt/4.0-sp6
version/microsoft windows 2000/sp4
version/microsoft windows xp/sp2
version/microsoft windows nt/4.0-sp6a
version/microsoft windows nt/4.0-sp1
canonical/microsoft windows 98se
version/microsoft windows 2000/sp2
version/microsoft windows nt/4.0-sp3
version/microsoft windows 2000/sp1
canonical/microsoft windows 98
version/microsoft windows 98/gold
version/microsoft windows 2000/sp3