CVE-2000-1218

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 14, 2000

Updated: Nov 20, 2024

CWE ID 346

Summary

CVE-2000-1218 is a vulnerability affecting Microsoft Windows 98, NT 4.0, 2000, and XP. The default configuration for these operating systems' domain name resolver sets the QueryIpMatching parameter to 0, allowing remote attackers to update DNS information for domains that the affected system did not query. This can lead to DNS cache poisoning, potentially redirecting users to fraudulent websites or disrupting network communication.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows NT
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 98 Plus Pack

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlcRM
https://www.cve.org/CVERecord?id=CVE-2000-1218
https://nvd.nist.gov/vuln/detail/CVE-2000-1218

Back to Vulnerability Database