Vulnerability Details : CVE-2000-1218
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
Exploit prediction scoring system (EPSS) score for CVE-2000-1218
Probability of exploitation activity in the next 30 days: 0.64%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 79 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2000-1218
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2000-1218
-
The product does not properly verify that the source of data or communication is valid.Assigned by: nvd@nist.gov (Primary)
References for CVE-2000-1218
-
http://www.kb.cert.org/vuls/id/458659
VU#458659 - Microsoft Windows domain name resolver service accepts responses from non-queried DNS servers by defaultThird Party Advisory;US Government Resource
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/4280
Microsoft DNS resolver may accept responses from non-queried hosts CVE-2000-1218 Vulnerability ReportThird Party Advisory;VDB Entry
Products affected by CVE-2000-1218
- cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*