The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicrosoft Windows 2000
OSMicrosoftwszystkie wersjeMicrosoft Windows 98
OSMicrosoftwszystkie wersjeMicrosoft Windows 98se
OSMicrosoftwszystkie wersjeMicrosoft Windows Nt
OSMicrosoft4.0Microsoft Windows Xp
OSMicrosoftwszystkie wersje
Related vulnerabilities
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute ar...
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1,...
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical...
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and...
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access ...